Hello,
I try to duplicate a function, which works nicely on command line, but fails in Node-RED.
Use-case is accessing the data from Tesla Powerwall 2 with authentication leveraging cookies.
The server requires authentication, and sends me back a token and auth+user cookies. I do get a successful authentication with a POST request and save the cookies into the form context. Next I trigger another POST to an API with the cookies.
The server seems to handle it, it accepts the authentication cookie, but is not able to continue for some reason and fails with 401 on user session.
So, what might be different from requesting through command line and node-red?
This is the working command line:
curl -k -O -c cookies.txt -X POST https://myPowerall/api/login/Basic -H "Content-Type: application/json" -d "{\"username\": \"customer\",\"email\": \"mymail.com\",\"password\": \"somepassword\"}"
curl -k -O -b cookies.txt https://myPowerall/api/meters/aggregates
The following is the Flow I've created:
[{"id":"4e97b6c0.e8021","type":"tab","label":"Flow 5","disabled":false,"info":""},{"id":"61253169.d2153","type":"inject","z":"4e97b6c0.e8021","name":"Form Data","props":[{"p":"payload"},{"p":"headers","v":"{\"Content-Type\":\"application/json\"}","vt":"json"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"{\"username\":\"customer\",\"email\":\"user_credential_as_email\",\"password\":\"a_great_password\"}","payloadType":"json","x":200,"y":100,"wires":[["a3a0b684.b246f8"]]},{"id":"a3a0b684.b246f8","type":"http request","z":"4e97b6c0.e8021","name":"","method":"POST","ret":"txt","paytoqs":"ignore","url":"https://myserver/api/login/Basic","tls":"420b13e0.06994c","persist":false,"proxy":"","authType":"","x":250,"y":200,"wires":[["e6aa1405.479b08"]]},{"id":"9ef45380.818898","type":"debug","z":"4e97b6c0.e8021","name":"","active":true,"tosidebar":true,"console":false,"tostatus":true,"complete":"true","targetType":"full","statusVal":"payload","statusType":"auto","x":890,"y":200,"wires":[]},{"id":"e6aa1405.479b08","type":"json","z":"4e97b6c0.e8021","name":"Ergebnis konvertieren","property":"payload","action":"","pretty":true,"x":500,"y":200,"wires":[["80d5302.45ca45"]]},{"id":"80d5302.45ca45","type":"change","z":"4e97b6c0.e8021","name":"Set Token","rules":[{"t":"set","p":"authCookies","pt":"flow","to":"responseCookies","tot":"msg"},{"t":"set","p":"token","pt":"flow","to":"payload.token","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":720,"y":200,"wires":[["9ef45380.818898"]]},{"id":"782da96c.acd058","type":"inject","z":"4e97b6c0.e8021","name":"Send Cookies","props":[{"p":"cookies","v":"authCookies","vt":"flow"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","x":250,"y":300,"wires":[["84dbabf.c551f58"]]},{"id":"84dbabf.c551f58","type":"http request","z":"4e97b6c0.e8021","name":"Aggregate","method":"GET","ret":"txt","paytoqs":"ignore","url":"https://myserver/api/meters/aggregates","tls":"420b13e0.06994c","persist":false,"proxy":"","authType":"","x":450,"y":300,"wires":[["55c339de.d607"]]},{"id":"55c339de.d607","type":"debug","z":"4e97b6c0.e8021","name":"","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","statusVal":"","statusType":"auto","x":670,"y":300,"wires":[]},{"id":"420b13e0.06994c","type":"tls-config","name":"Ungeprüft Self-Signed","cert":"","key":"","ca":"","certname":"","keyname":"","caname":"","servername":"","verifyservercert":false}]
If I exclude the cookies, I get an access denied, so I can confirm authentication actually works.
What's puzzling me is, that the server also seems to try to use the same auth cookie again to identify the user session although there is a dedicated user_cookie, and fails there.
Any tips are very much appreciated!