$user = "my user";
$passw = "my passw";

$url = "https://my.zipato.com:443/zipato-web/v2/";
//$url = "http://192.168.1.24:8080/zipato-web/v2/";


	$ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url."user/init");
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_HTTPGET, true);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
	$json = json_decode($output);
		
        $jid = $json->{'jsessionid'};  
        $nonce = $json->{'nonce'};    
        $token=sha1($nonce.sha1($passw));  

	print_r($json);  
		
        curl_setopt($ch, CURLOPT_URL, $url."user/login?username=".$user."&token=".$token);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_COOKIE, 'JSESSIONID='.$jid);
        curl_setopt($ch, CURLOPT_HTTPGET, true);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        
        $output = curl_exec($ch);
        curl_close($ch);
        
        print_r($output);