-
Notifications
You must be signed in to change notification settings - Fork 2
Using the Server Through a Program
It is theoretically possible to remotely control the server through its API. This means you could write a program to have it automatically write posts for you, for example. The only problem with this idea is the authentication step. The server authenticates incoming requests through the use of cookies, and the browser will refuse to give those cookies to anything, including your own scripts. Therefore, you will have to write a program to perform the authorization by itself. You can be authorized by the server to then give you the cookies necessary to use the API.
I have written an example script to demonstrate how it could be done. You must have generated a code from the server and placed it in the "code" variable's value first. This script will call the /auth route passing in the code to be authenticated, then extract the cookies from the response headers and then those cookies can now be used in future requests. You would want this program to continue running so you can repeatedly reuse the cookie's values. Just be warned that if anything else gets access to those cookies your server is compromised. So, you know, please know what you're doing.
const code = '123456';
const domain = 'http://localhost:8000';
const response = await fetch(`${domain}/api/auth`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
code: code
}),
});
const results = await response.json();
if (results.success) {
const authCookie = response.headers.get("set-cookie");
console.log(authCookie)
const headers = new Headers();
headers.set('Cookie', authCookie);
const response2 = await fetch(`${domain}/api/post`, {
method: 'GET',
headers: headers,
});
const results2 = await response2.json();
console.log(results2);
}