Most frameworks have a cookie jar session handling as part of the language. I dont program PHP myself, but it should have the generic cookie handling you're looking for.
On Fri, Jul 14, 2017 at 12:13 PM, Daniel Barrett <d...@vistaprint.com> wrote: > I'm trying to log into a MediaWiki 1.28 site using the API and a > standalone PHP script, but it keeps failing with the error "invalid token." > I can successfully retrieve a login token: > > $tokenRequest = array( > 'action' => 'query', > 'format' => 'json', > 'meta' => 'tokens', > 'type' => 'login', > ); > > But when I issue my "action=clientlogin" request, I always get the error > "code=badtoken, info = invalid token": > > $loginRequest = array( > 'action' => 'clientlogin', > 'format' => 'json', > 'logintoken' => $token, > 'loginreturnurl' => 'https://example.com/', > 'username' => $username, > 'password' => $password, > 'domain' => 'mydomain', > 'rememberMe' => 1, > ); > > I suspect the problem is that the two requests are not explicitly being > made in the same session. That is, I'm not adding the header "Cookie: > <session cookie>" to my second HTTP POST. How do I retrieve the session > cookie after issuing my meta=tokens request so I can hand it to the client > login request? In earlier versions of MediaWiki, I could get the cookie > information from an API call, "action=login". This has been deprecated but > I haven't seen any examples of the new way to do it, just generic > instructions like "Clients should handle cookies to properly manage session > state." > > I'm not operating inside the MediaWiki codebase with its WebRequest, > SessionManager, etc. classes -- this is a standalone script. > > Thank you, > DanB > > > _______________________________________________ > Mediawiki-api mailing list > Mediawiki-api@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/mediawiki-api >
_______________________________________________ Mediawiki-api mailing list Mediawiki-api@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-api