Preserving session cookies between HTTP requests

Anvil Q&A
1

Hi
is it possible to preserve Session cookies between two subsequent call to the same URL using anvil.http.requests?
And why is standard requests library loosing session info when used from Anvil’s server code? (works on an Uplink)

Follows an explanation of context.

I have a private mediawiki installation and I am trying to fetch its “Special:RecentChanges” in order to provide its contents as a “What’s new” in my Anvil APP.
I am trying to log-in and now I need to cope with this documented bug.
Following TGR’s suggestions, I need to make 2 separate Mediawiki’s HTTP API calls:

  1. the first without the token I need to login: this will give me a token in the response
  2. the second with the token received in step 1

mantaining the session cookies between the calls, otherwise I will get the same warning response on the 2nd call as well.

So, question #1 is: I wrote this code leveraging anvil.http.request but I don’t know how to mantain session between the calls:

PARAMS_1 = {
      'action':"login",
      'lgname':"my-secret-username",
      'lgpassword':"my-super-secret-password",
#      'lgtoken':LOGIN_TOKEN,
      'format':"json"
  }
  
  R = anvil.http.request(url=URL,
                method="POST",
                data=PARAMS_1)
  # cannot use anvil.http.request "json=True" parameter because of this https://anvil.works/forum/t/anvil-http-request-invalid-json-in-response/4217

  DATA = R.get_bytes().decode('utf-8') 
  response_dict = json.loads(DATA) 
  LOGIN_TOKEN = response_dict['login']['token']
  
  # 2) LOGIN WITH TOKEN RETRIEVED FROM ERROR RESPONSE
  PARAMS_1 = {
      'action':"login",
      'lgname':"my-secret-username",
      'lgpassword':"my-super-secret-password",
      'lgtoken':LOGIN_TOKEN,
      'format':"json"
  }
  
  R = anvil.http.request(url=URL,
                method="POST",
                data=PARAMS_1)

  DATA = R.get_bytes().decode('utf-8')
  response_dict = json.loads(DATA)

So I followed their (mediawiki’s) login requests-based python example, modifying it in order to use the deprecated schema suggested by TGR: first attempt to get the token, second attempt to log in.

  S = requests.Session()

  PARAMS_1 = {
      'action':"login",
      'lgname':"my-secret-username",
      'lgpassword':"my-super-secret-password",
#      'lgtoken':LOGIN_TOKEN,
      'format':"json"
  }
  
  R = S.post(URL, data=PARAMS_1)
  DATA = R.json()
  LOGIN_TOKEN = DATA['login']['token']

  # 2) LOGIN WITH TOKEN RETRIEVED FROM ERROR RESPONSE
  PARAMS_1 = {
      'action':"login",
      'lgname':"my-secret-username",
      'lgpassword':"my-super-secret-password",
      'lgtoken':LOGIN_TOKEN,
      'format':"json"
  }
  
  R = S.post(URL, data=PARAMS_1)
  DATA = R.json()

Now question #2 is: why the piece of code above will successfully login on 2nd call when executed on an UpLink, while it still gives the same warning and error code as in the 1st call (the one without the token) when executed as Anvil’s server module, as if cookies were not mantained between calls?

Meanwhile, I am going to try to authenticate through Mediawiki’s OAuth-consumers-only authentication, but imho I think this path will reveal itself more complex.

Thanks guys and have a nice sunday!

2

Hopefully, at last something went better than expected and Mediawiki’s OAuth-consumers-only authentication did the job easily.
Nevertheless questions #1 and #2 above remain open.

I add question #3: while trying to implement OAuth-consumers-only authentication I tried to use
requests_oauthlib and xmltodict libraries, I see listed in the Available Packages.
But in both cases I get a ModuleNotFoundError: No module named '........' error.
If I remember correctly, the error message for the library being not available on the free plan was more explicit than this so… what is causing the error here?

And question #4: how is that anvil.http is not available on uplink?

Thanks and BR