+ Post New Thread
Results 1 to 11 of 11
Coding Thread, Home Access Plus Login Box in Coding and Web Development; Hi, I am trying to create a simple php form to put on my website as a login straight from ...
  1. #1

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Home Access Plus Login Box

    Hi, I am trying to create a simple php form to put on my website as a login straight from the front page to Home access plus.

    Here's the code i am trying to use.
    Code:
    <form action="https://portal.st-augustines.worcs.sch.uk/HAP/login.aspx" method="post" name="form" id="form">
      <p><input type="text" name="username" size="15" /></p>
      <p><input type="password" name="password" size="15" /></p>
      <p><input type="submit" name="Submit" value="Login" /></p>
    </form>
    The problem i have is that it isnt logging me into HAP its just showing me the login page. Where have i gone wrong?

    I am using Wordpress for my website if that helps at all ?
    Thanks!

  2. #2

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,675
    Thank Post
    43
    Thanked 557 Times in 465 Posts
    Rep Power
    122
    You won't be able to use that code to auto login, as ASP.net will reject the post as it doesn't contain a session id or any other .net related fields.

    There is however a JSON API which you can use (it's actually used by the Win 8 App).

    Do a jquery POST call to /api/ad/

    /hap/api/ad/?2345666
    Code:
    { "Username": "someusername", "Password": "somepassword" }
    application/json

    This is what is returned:
    Code:
    {
        "FirstName":"String content",
        "SiteName":"String content",
        "Token1":"String content",
        "Token2":"String content",
        "Token2Name":"String content",
        "Username":"String content",
        "isValid":true
    }
    You then set 2 cookies, one is called "token" with the content of Token1, the other is called he content of Token2Name, with the content of Token2. Set this as a session cookie, is a HTTPS cookie.

    That should be all you need to do, in theory.

    In theory someone could write a php front end for HAP+ and just use the .net system as a back end JSON server. In theory.
    Last edited by nickbro; 14th August 2014 at 10:13 PM.

  3. #3

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for the Reply nick! i will try and figure that out and how i can use it Thanks!

  4. #4

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    HI Nick, I have come up with some code but cannot seem to get a reply at all. i know i am doing something wrong as im new to programming.

    heres my code

    Code:
    <!DOCTYPE html>
    <html>
    <head>
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
    <script>
    $(document).ready(function(){
      $("button").click(function(){
        $.post("https://portal.st-augustines.worcs.sch.uk/hap/api/ad/application/json",
        {
          Username:"hapusername",
          Password:"happassword"
        },
        function(data,status){
          alert("Data: " + data + "\nStatus: " + status);
        });
      });
    });
    </script>
    </head>
    <body>
    
    
    <button>Send a Rquest</button>
    
    
    </body>
    </html>
    I am doing this to test to see if i can get a reply.

    Any help would be good

  5. #5

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,675
    Thank Post
    43
    Thanked 557 Times in 465 Posts
    Rep Power
    122
    You will need to make sure you use the AJAX function not post, it requires the contentType (application/json) and set the dataType to json

  6. #6

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for your help so far Nick appreciated

    Here is what i have now, still cant seem to get any response.

    Code:
    <!DOCTYPE html><html>
    <head>
    <script src="http://code.jquery.com/jquery-latest.min.js"></script>
    <script>
    $(document).ready(function(){
      $("button").click(function(){
    var formData = {Username:"someusername",Password:"somepassword"};
        $.ajax({
        url : "https://portal.st-augustines.worcs.sch.uk/hap/api/ad/application/json",
        type: "POST",
    	contentType:"application/json",
    	dataType:"json",
        data : formData,
        success: function(data, textStatus, jqXHR)
        {
            //data - response from server
        },
        error: function (jqXHR, textStatus, errorThrown)
        {
     
        }
        
       });
      });
    });
    </script>
    </head>
    <body>
    <button>Send POST</button>
    </body>
    </html>
    Thanks Nick !

  7. #7

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,675
    Thank Post
    43
    Thanked 557 Times in 465 Posts
    Rep Power
    122
    Ok, here's some working code, some changes are needed to the web.config file

    Add this to the <system.webServer /> element:
    HTML Code:
     <httpProtocol>
                <customHeaders>
                    <add name="Access-Control-Allow-Origin" value="*" />
                </customHeaders>
            </httpProtocol>
    You can replace * with your top level domain name if you want, e.g. st-augustines.worcs.sch.uk

    This is my test code I then used:
    HTML Code:
    <!DOCTYPE html>
    
    <html lang="en" xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta charset="utf-8" />
        <title></title>
        <script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
    </head>
    <body>
        <label for="username">Username: </label>
        <input type="text" id="username" /><br />
        <label for="password">Password: </label>
        <input type="password" id="password" /><br />
        <input type="submit" id="login" value="Login" />
        <script>
            $("#login").click(function () {
                $.ajax({
                    url: "https://portal.st-augustines.worcs.sch.uk/hap/api/ad/" + $("#username").val() + "/" + $("#password").val(),
                    type: "GET",
                    success: function (data, textStatus, jqXHR) {
                        Set_Cookie("token", data.Token1.replace(" ", "+"), "/", ".st-augustines.worcs.sch.uk", true)
                        Set_Cookie(data.Token2Name, data.Token2, "/", ".st-augustines.worcs.sch.uk", true)
                        location.href = "https://portal.st-augustines.worcs.sch.uk/hap/";
                    },
                    error: function (jqXHR, textStatus, errorThrown) {
    
                    }
                });
                return false;
            });
    
            function Set_Cookie(name, value, path, domain, secure) {
                document.cookie = name + "=" + value +
                ((path) ? ";path=" + path : "") +
                ((domain) ? ";domain=" + domain : "") +
                ((secure) ? ";secure" : "");
            }
        </script>
    </body>
    </html>
    You will need to add a way of detecting failed logins.

    The one problem with this method is it doesn't allow the user to log off unless they close the browser. One way of possibly solving could be via setting the forms authentication domain component to the top level domain

    Then to the <forms /> element add domain=".st-augustines.worcs.sch.uk"

    But I haven't tested that

  8. #8

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks Nick ! I have put that up on the site here:
    http://dev.st-augustines.worcs.sch.u...rtalLogin.html

    I guess im probably missing something on my server configuration as when i click submit it does nothing, Sorry for the hassle.

    Thanks

  9. #9

    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,675
    Thank Post
    43
    Thanked 557 Times in 465 Posts
    Rep Power
    122
    If you use firebug it usually will tell you what is wrong, in my case it was stupid cors

  10. #10

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks for your help Nick ! All working now ! The problem was with cors . I had put it in the wrong place. Thanks !

  11. #11

    Join Date
    Sep 2013
    Location
    Worcestershire
    Posts
    104
    Thank Post
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Just been thinking about the failed login, i assume that when the wrong username and password is entered HAP gives an error back. Could i not code it so upon error display Wrong username and password?

    Thanks Nick



SHARE:
+ Post New Thread

Similar Threads

  1. Home Access Plus+
    By nickbro in forum Home Access Plus+
    Replies: 784
    Last Post: 24th February 2014, 04:39 PM
  2. Convert Home access plus site to secure site in IIS 7?
    By reggiep in forum Home Access Plus+
    Replies: 1
    Last Post: 28th April 2011, 02:23 PM
  3. Home Access Plus+ Welcome
    By nickbro in forum Home Access Plus+
    Replies: 0
    Last Post: 28th April 2011, 01:59 PM
  4. Home Access Plus+
    By nickbro in forum Web Development
    Replies: 728
    Last Post: 27th April 2011, 11:18 PM
  5. Home Access Plus - How Secure?
    By andy_d in forum Internet Related/Filtering/Firewall
    Replies: 9
    Last Post: 31st March 2011, 01:30 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •