There are two ways to get a session ID: by indicating your SDK password, or by indicating an arbitrary user's username and password. The method to use depends on the specific task. The /login is used to get a session ID.
Example of a request that uses the SDK password:
https://192.168.1.200:8080/login?password=12345
Example of a request that uses the username and password of an arbitrary user:
https://192.168.1.200:8080/login?username=Admin&password=987654321
In either case, the response will look the same:
{
"success" : 1,
"sid" : "e03qD0eg"
}
In this example, the response contains:
- "success" : 1 - the authorization request was processed successfully;
- "sid" : "e03qD0eg" - the unique session ID;
If the credentials use or invalid, the response will work as follows:
{
"success" : "0",
"error_code" : "invalid username or password"
}
/*
Username and Password should match to one of the server users.
*/
Important
The session lifetime is 15 minutes. It "dies" due to the absence of constant requests. Any request made within this session lifetime using one and the same sid makes its lifetime equal to 15 minutes.
Important
The following types of protection against unauthorized access are built into WEB-server:
- Protection against a large number of connections from a single IP-address. No more than 99 connections can be established to SDK from a single IP address. All connections above this limit will be rejected, and a corresponding entry will appear in the TRASSIR log.
- Protection against frequent authorization. The WEB-Server allows you to request sid no more than once within 5 seconds. Too frequent attempts to send a request may result in blocking the IP address.
