XML-RPC Protocol Method: sessiongenerate

From Dreamwidth Notes
Jump to: navigation, search
Needs Update: This documentation was ported over from LJ's Server Manual with minimal modification. It may not match Dreamwidth's implementation of the method, and needs to be double checked against the DW code and updated as necessary.

In order to interact with some web based parts of the site, such as the comment exporter, it is often useful to be able to generate a login cookie without having to actually post login information to the login.bml page. This mode will, with proper authentication, provide you with a session cookie to use for authentication purposes.

Inputs

username Scalar. Required. Username of user logging in.

auth_method Scalar. Optional. Authentication method used for this request. The default value is "clear", for plain-text authentication. "cookie" and any of the challenge-response methods are also acceptable.

password Deprecated. Scalar. Optional. Password of user logging in in plaintext. If using the "clear" authentication method, either this or "hpassword" must be present.

hpassword Deprecated. Scalar. Optional. MD5 digest of user's password. Not much more secure than password, but at least it's not in plain text.

auth_challenge Scalar. Optional. If using challenge-response authentication, this should be the challenge that was issued to you by the server.

auth_response Scalar. Optional. If using challenge-response authentication, this should be the response hash that you generate, based on the formula required for your challenge.

ver Scalar. Optional. Protocol version supported by the client; assumed to be 0 if not specified. See Protocol Versions for details on the protocol version.

expiration Scalar. Optional. Sessions can either expire in a short amount of time or last for a long period of time. You can specify either "short" or "long" as the value of this parameter. Short is 24 hours, long is 30 days.

ipfixed Scalar. Optional. If specified and true, this will cause the server to generate a session that is only valid from the IP address the sessiongenerate request was sent from. If you leave out this value, it will default to allowing any IP address to use this session information.

Example Request

POST /interface/xmlrpc HTTP/1.0
User-Agent: XMLRPC Client 1.0
Host: www.dreamwidth.org
Content-Type: text/xml
Content-Length: 542
 
<?xml version="1.0"?>
<methodCall>
  <methodName>LJ.XMLRPC.sessiongenerate</methodName>
  <params>
    <param>
      <value><struct>
        <member>
          <name>username</name>
          <value><string>test</string></value>
        </member>
        <member>
          <name>password</name>
          <value><string>test</string></value>
        </member>
        <member>
          <name>ver</name>
          <value><int>1</int></value>
        </member>
        <member>
          <name>expiration</name>
          <value><string>long</string></value>
        </member>
        <member>
          <name>ipfixed</name>
          <value><string>1</string></value>
        </member>
      </struct></value>
    </param>
  </params>
</methodCall>

Outputs

ljsession Scalar. Required. The session generated.

Example Response

HTTP/1.1 200 OK
Connection: close
Content-length: 228
Content-Type: text/xml
Date: Fri, 26 Mar 2004 18:14:17 GMT
Server: Apache/1.3.4 (Unix)
 
<?xml version="1.0" encoding="UTF-8"?>
<methodResponse>
  <params>
    <param>
      <value><struct>
        <member>
          <name>ljsession</name>
          <value><string>ws:test:124:zfFG136kSz</string></value>
        </member>
      </struct></value>
    </param>
  </params>
</methodResponse>
Retrieved from "http://wiki.dreamwidth.net/wiki/index.php?title=XML-RPC_Protocol_Method:_sessiongenerate&oldid=9091"