server login
Answered
I tried several times to login to the server but it did not work and each time I request a URL like camera stream it keeps ask me for login credentials how can I log in to the server for one time.I tried use the auth_digest and send it with the url but it did not work.
-
Can you please provide more details? Like a reproduction scenario and the URLs you used.
Thank you.
0 -
I tried to use the cookieLogin method and used the algorithm you provided on your site to generate the authentication hash
and when try to call it with the auth hash it always give me an error which is:
{"error":"2","errorString":"Invalid json object. All fields are mandatory","reply":null}
Also I tried to provide the auth hash with any other http request but still gives me Unauthorized error
Thanks
0 -
Hi Marah Abdelrazeq,
Please provide the reproduction scenario and the script you created for the authentication hash.
The error is clear; there is an invalid json object and it seems you missed a field or this happened due to the invalid json object.
0 -
this is a sample code I used to try to get stream from a camera I provided the authentication hash code but still give me unauthorized error
<cfhttp method="get" url="http://192.168.6.210:7001/media/061f5ef0-8063-b8bc-1239-33892896c912.webm"><cFHttpparam type="header" value="YWRtaW46NWFlZjAxMjEyMTAxODowQkI1ODA0OEZCOEUxMDYxQjRCNjM4MzA5QjE2RDlGMA==" name="auth">
</cfhttp>0 -
this is a sample code for the cookieLogin method which returns invalid json error
<cfset JSON["auth"] ="YWRtaW46NWFlZjAxMjEyMTAxODowQkI1ODA0OEZCOEUxMDYxQjRCNjM4MzA5QjE2RDlGMA==">
<cfhttp method="POST" url="http://192.168.6.210:7001/api/cookieLogin" >
<cFHttpparam type="body" value="#serializejson(JSON)#" >
</cfhttp>0 -
Hello Marah,
It does not seem to be the complete code. How do you get this?
<cfset JSON["auth"] ="YWRtaW46NWFlZjAxMjEyMTAxODowQkI1ODA0OEZCOEUxMDYxQjRCNjM4MzA5QjE2RDlGMA==">
Here is a very useful repository. https://github.com/networkoptix/nx_open_integrations.git
There are js examples in node_js folder. You could just use the lib or discover in greater details the source code.
After completing steps of readme.md, mediaserverApi.js appears in the src folder.
For cookie login have a look at these methods MediaserverApi.prototype.login, MediaserverApi.prototype.cookieLogin, MediaserverApi.prototype.makeAuth, MediaserverApi.prototype.getNonce
For basic auth have a look at this one MediaserverApi.prototype.basicAuthRequest0 -
is there any java script library the above repository you provided to me is in node js
0 -
Hi Marah,
I'm afraid I don't quite understand your question.
Wikipedia https://en.wikipedia.org/wiki/Node.js explains
Node.js is an open-source, cross-platform, back-end, JavaScript runtime environment that executes JavaScript code outside a web browser.
What do you means by "any java script library"?
The framework offered is a java script library.Could we extend the context and have a bigger picture?
Could you, please, elaborate a bit what is the problem you are trying to solve?0 -
Marah, please try URL-based authentication.
Shortly speaking, the hash you calculated needs to be passed as a query parameter "auth".
For example http://192.168.6.210:7001/media/061f5ef0-8063-b8bc-1239-33892896c912.webm?auth=YWRtaW46NWFlZjAxMjEyMTAxODowQkI1ODA0OEZCOEUxMDYxQjRCNjM4MzA5QjE2RDlGMA
You can find more information in the API documentation.
Other authentication methods will not work in the browser.
0 -
Thanks the URL-based authentication worked fine for me but when the authentication hash expired I tried to recalculate it but the site keeps asking me for user name and password once the hash is expired although I recalculate it
0 -
What specific steps do you in code do when the hash expires? Do you request a new nonce?
Do you have a small script that replicates the issue?
0 -
I used your algorithm to calculate the authentication hash and I send it in the url and it worked fine but this hash expires so I recalculate it every time it expired but a popup always appear requesting the credentials is there any way to prevent this pop up from appearing
0 -
I see.. try adding /web before /api or /ec2
For example: http://127.0.0.1:7001/web/api/getModuleInformation
0 -
unfortunately this did not work , this is what I get always although I recalculate the hash and I got the stream from the camera
0 -
Ok, I think we need to look into the problem with a code sample.
Can you share some minimal code that replicates it?
0 -
$.ajax({
url: "http://192.168.6.74:7001/media/061f5ef0-8063-b8bc-1239-33892896c912.webm?auth=YWRtaW46NWIzMDcwMWQ4N2ZmMDo4ZjVhMmRjN2UxNGUxZjVlOGVhNjVhMjUwMjUyZjMxZA==",
type: "GET", // GET, POST
async: true,
error: function (xhr, textStatus, errorThrown) {
console.log(errorThrown)
}
});when the error returned from the ajax request is 401 UNAUTHORIZED I recalculate the authentication hash and the stream from the camera is displayed but I still has the login popup appeared.
this the code to calculate the authentication hash:
cfhttp( url="http://192.168.6.74:7001/api/getNonce", method="get" ) {
}
httpResult=deserializejson(cfhttp.Filecontent).reply;
httpReply= httpResult.nonce;digest = lcase(hash('admin' & ":" & 'VMS' & ":" & 'Nafith2020', "md5"));
partial_ha2 =lcase( hash('GET' & ":", "md5"));
simplified_ha2 = lcase(hash(digest & ":" & httpReply & ":" & partial_ha2, "md5"));
auth_digest = tobase64('admin' & ":" & httpReply & ":" & simplified_ha2);0 -
Hi Marah,
login popup appears upon receiving from server status code 401 with header WWW-Authenticate. You should try to avoid the situation when you access the camera stream with an outdated auth string. You should generate a new auth string each time your webpage is being refreshed.
>$.ajax({
Could you give more details on the scenario when this request returns 401? Ideally, you shouldn't reuse auth string like this in your code. If media stream fails for some reason(like network issue) new auth string should be generated using new nonce parameter each time you want to open stream. So there shouldn't be a case when you re-use the old link and server response with 401.
0 -
Thanks for your reply.Is there any way to know the time needed for the authentication hash to be expired so we can reuse it as long as it is valid and recalculate it once it is expired
0 -
I have another problem when trying to get an archive stream and providing a (pos) parameter in the URL it keeps loading with no stream appear.
0 -
>Thanks for your reply.Is there any way to know the time needed for the authentication hash to be expired so we can reuse it as >long as it is valid and recalculate it once it is expired
Authentication should be valid for as long as the session between web client and media server is active, so there shouldn't be a need to reuse it.
It is best to consider this as a one-time URL. You shouldn't use Video.play() with the same URL more than once.
>I have another problem when trying to get an archive stream and providing a (pos) parameter in the URL it keeps loading with >no stream appear.
There could be multiple factors causing it. Could you please provide an example of your http request for recording? Do you have any errors in the Developer console of your web browser? As a first step, I would suggest trying to test URL with vlc player. This issue doesn't seem to be related to the authorization. Could you please create a new forum thread for this issue and provide the details I requested?
0
Please sign in to leave a comment.
Comments
20 comments