Titanium Community Questions & Answer Archive

We felt that 6+ years of knowledge should not die so this is the Titanium Community Questions & Answer Archive

Cannot login to website using createHTTPClient

I know that there are a lot of similar questions so I apologise, but I have not found a solution to my specific problem. Most of the queries I have seen have related to Android, validating with get or header authentication.

I am using Titanium mobile to create an iPhone application and I need to log in to a website. The website uses a simple login form (email address and password) that is submitted using POST.

I can submit information to other forms on the same site that use POST but do not require you to be logged in but I cannot get the login form to work.

When I submit the form I get exactly the same page back in responseText, no login failure message or errors, it is just as if I have refreshed the page. I get a readyState 4 and responseCode 200.

The code I am using is as follows:

var xhr = Titanium.Network.createHTTPClient();

xhr.onreadystatechange = function() {
    if (this.readyState == 4) {
        temptext = this.responseText;
        ....
    }
}

xhr.open("POST","http://www.websiteaddress.co.uk/");
xhr.setRequestHeader( 'Content-Type','application/x-www-form-urlencoded' );
xhr.send({"email":"myemail","password":"password"});

I added the setRequestHeader following advice in other posts, it makes no difference wether it is there or not. I have also tried with the form field names both enclosed in quotes and without, again from reading other posts.

I suspect that this is a problem with the website and not specific to Titanium, but unfortunately the website is not mine and I suspect the designer has used an off the self OS CMS so will probably not have a clue as to what additional requirements the login processing has.

If anyone has had the same problem I would be very grateful for advice.

Many thanks

Des

— asked September 11th 2010 by Derrick Huth
  • createhttpclient
  • login
  • mobile
  • network
  • post
  • xhr
0 Comments

1 Answer

  • Could it be to do with your website code creating a session for the user when they are logged in or not. I'm in the process of creating an MMO, all I do is send login credentials along with every request. If the login details are correct my server sends the requested info back, else it send a not logged message to handle by the app.

    — answered September 11th 2010 by Gary Everest
    permalink
    1 Comment
    • It's not a problem with session cookies as the account has definitely not been verified. I just get a blank form back.

      I have made some progress, I missed that the form had a hidden field and the submit button is not named submit. The form looks like this:

      <form name="login" method="post" action="/account/login/">
      <input name="email" id="email" type="text" class="input" size="30" value="" />
      <input name="password" id="password" type="password" class="input" size="30" />
      <input name="login" type="submit" value="Login" class="button" />
      <input type="hidden" name="login_page" value="http://www.website.co.uk/" />
      </form>
      

      So I have changed the code as follows:

          xhr.open("POST","http://www.website.co.uk/account/login/");
          xhr.setRequestHeader( 'Content-Type','application/x-www-form-urlencoded' );
          xhr.send({"email":"myemail","password":"mypass","login_page":"http://www.website.co.uk/","login":"Login"});
      

      It is now trying to login, if I put an incorrect password in I get back a page informing me that the password is incorrect. However, if I put the correct password in I get an error message "Error Domain=ASIHTTPRequestErrorDomain Code=9 The request failed because it redirected too many times". I get the same message if I omit the page redirect form element.

      One step forward…!

      — commented September 11th 2010 by Derrick Huth
The ownership of individual contributions to this community generated content is retained by the authors of their contributions.
All trademarks remain the property of the respective owner.