{{
`${userDetail.user.displayName}${userDetail.user.cachedBungieGlobalDisplayNameCode ? `#${standardizeBungieGlobalCode(userDetail.user.cachedBungieGlobalDisplayNameCode)}` : ""}`}}
{{getUserClans()}}
originally posted in:BungieNetPlatform
View Entire Topic
9/13/2014 11:35:08 AM
3
Authentication
A pretty basic question, but how do you authenticate? I see both the C# and the Node.js API have some auth mechanisms and some ways to circumvent the CSRF protection. But I don't know what it is you're doing and how you're doing it, and I suck at C. I'm a Python guy and want to get some data to analyse, as well as create a Python wrapper. Any help appreciated!
-
7 RepliesAt first, the CSRF protection really only is for POST data so you only need it if you want to actually do something beyond fetching data. You would probably need a headless browser to fetch the cookies from. I only know of QtWebkit but that might be a bit much. The basic steps you need to take are these: 1. Choose an Auth Strategy you want to use (FB/PSN/XBL, haven't yet gotten google to work) 2. Automate the login process on a headless browser using your favorite scripting language. Use http://www.bungie.net/de/User/SignIn/[AuthStrategy] to get a proper redirect. 3. Wait until you get back to the bungie signin page with a code or better, check for the bungleatk token (you'll need it). 4. Dump all the cookies from the browser, make sure that there is the bungleatk token. 5. Feed the cookies into a cookiejar and use it on subsequent requests in your favorite scripting language 6. Profit.
