Vesta Control Panel - Forum

Community Forum
http://forum.vestacp.com/

API check username and password

http://forum.vestacp.com/viewtopic.php?f=18&t=14184

Page 1 of 1

API check username and password

Posted: Fri Mar 24, 2017 9:09 pm
by Makke007
Hi,

I want to use the API to check username and password, but it doesn't work.
Everytime he pass the check, I'll get 'OK: User can login'. It doesn't matter what value $username or $password contains.
I've only a problem with this one, other API scripts works good.

Code: Select all

<?php
// Server credentials
$vst_hostname = 'server.vestacp.com';
$vst_username = 'admin';
$vst_password = 'p4ssw0rd';
$vst_command = 'v-check-user-password';
$vst_returncode = 'yes';

// Account
$username = 'demo';
$password = 'demopassword';

// Prepare POST query
$postvars = array(
    'user' => $vst_username,
    'password' => $vst_password,
    'cmd' => $vst_command,
    'arg1' => $username,
    'arg2' => $password
);
$postdata = http_build_query($postvars);

// Send POST query via cURL
$postdata = http_build_query($postvars);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8083/api/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
$answer = curl_exec($curl);

// Check result
if($answer == 0) {
    echo "OK: User can login\n";
} else {
    echo "Error: Username or password is incorrect\n";
}

?>
Thanks.

Re: API check username and password

Posted: Fri May 26, 2017 2:39 am
by BBuchanan1013
Makke007 wrote:Hi,

I want to use the API to check username and password, but it doesn't work.
Everytime he pass the check, I'll get 'OK: User can login'. It doesn't matter what value $username or $password contains.
I've only a problem with this one, other API scripts works good.

Code: Select all

<?php
// Server credentials
$vst_hostname = 'server.vestacp.com';
$vst_username = 'admin';
$vst_password = 'p4ssw0rd';
$vst_command = 'v-check-user-password';
$vst_returncode = 'yes';

// Account
$username = 'demo';
$password = 'demopassword';

// Prepare POST query
$postvars = array(
    'user' => $vst_username,
    'password' => $vst_password,
    'cmd' => $vst_command,
    'arg1' => $username,
    'arg2' => $password
);
$postdata = http_build_query($postvars);

// Send POST query via cURL
$postdata = http_build_query($postvars);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8083/api/');
curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
$answer = curl_exec($curl);

// Check result
if($answer == 0) {
    echo "OK: User can login\n";
} else {
    echo "Error: Username or password is incorrect\n";
}

?>
Thanks.
Have you tried:

Code: Select all

$vst_returncode = '';
Maybe set a check for this to ensure it's actually correct instead of assuming it is. No offense.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/