This object is in archive! 

My very own app

Vukan Bošković shared this question 8 years ago
Need Answer

Hello there!


In my scenario, I have only three switches which I want to control.

Therefore I want to create my own mobile/web app. I do not want to use zipato official app. I want one very basic mobile app which has only three buttons.


From my own app, I'm triggering HTTP requests (for example PUT REQUST: [b]https://my.zipato.com:443/zipato-web/v2/attributes/{uuid}/value[/b]) and sending necessary data in request header. It works fine while I'm sending cookie in header which I stole from official my.zipato.com web app. Once I remove cookie from my request, or I logout from my.zipato.com I get "[b]401: Unauthorized[/b]" response from server.


I realize some kind of authentication is needed, but how can I overcome this issue? How can I authenticate from my very own app?


Thanks in advance!

Replies (6)

photo
1

have you tried just using imperihome app?


try logging in to the control centre and viewing the api, there you will find the requests to make.

you need to enter login details and passwords, obviously once logged in on web server you are already authenticated, so you dont need these details in your requests, but if you log out you do. Read the API

photo
1

I don't want to use any app except my own.


I've browsed the API (previously logged in to control centre) of course. It's not problem for me to make a request. Problem is header content in my HTTP request. I need somehow to authenticate myself, but I can't find any word how to do that in API documentation.

photo
1

Well, at the very least you should be able to use virtual sensors and link the sensor to a switch. For each switch you will have one virtual sensor. The virtual sensor does have HPPTS link so you can change the state.

photo
1

are you trying local or remote commands?

remote should be like this https://my.zipato.com/zipato-web/remoting/attribute/set?serial=XXXXXXXXXXXXXXXX&ep=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&apiKey=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&state=true

local should be you ip address, i think liek this http://192.168.x.xx:8080/v2/rest/user/login?username=email login&token=password/attribute/set?serial=XXXXXXXXXXXXXXXX&ep=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&apiKey=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&state=true

remember remote is https local is http. I think this is right anyway.

photo
1

After all seems like GET /user/login

should get the job done. From json data which it returns I am able to login...


Thanks a lot!

photo
1

At the end of a day, I'm not able to login yet :)


I keep getting response "User myusername@example.com not found or wrong password"


Trying to login via web executing remote comand like:

https://my.zipato.com/zipato-web/v2/user/login?token=da63fb69aeb03c776bd23e91e2c1cb3df30135d3&username=myusername@examle.com


Token is generated in next steps:


1) I'm firing init request https://my.zipato.com:443/zipato-web/v2/user/init to fetch the nonce.


2) I concatenate String nonce and String sha1(myPassword)

so if I would have, for example, nonce=gkrdqdjtrriGWJfw and password=da63fb69aeb03c776bd23e91e2c1cb3df30135d3 then the result of concatenation is gkrdqdjtrriGWJfwda63fb69aeb03c776bd23e91e2c1cb3df30135d3


3) I'm doing sha1(gkrdqdjtrriGWJfwda63fb69aeb03c776bd23e91e2c1cb3df30135d3) so I get like token = da63fb69aeb03c776bd23e91e2c1cb3df30135d3


Any ideas why I can't login?

photo
1

no, been getting this myself sometimes when trying to login. Funny thing is that I can login via the domomea app or myhauppaugge app(android).

photo
Leave a Comment
 
Attach a file