t_54f0a481: Add API investigation findings doc
This commit is contained in:
@@ -0,0 +1,24 @@
|
|||||||
|
# api-investigation.md — copied from kanban investigation task t_54f0a481
|
||||||
|
|
||||||
|
## Key Findings
|
||||||
|
|
||||||
|
### Architecture
|
||||||
|
- **Seed** (`/login/`) — Vue 3.5 SPA auth page
|
||||||
|
- **Application** (`/cs1/`, `/cs4/`) — ASP.NET MVC behind Azure Application Gateway
|
||||||
|
- **Machine List page** at `/cs4/VueMachineList/` (modern SPA)
|
||||||
|
|
||||||
|
### Auth Flow (httpx-compatible)
|
||||||
|
1. `GET /login/api/DataContext/GenerateAntiForgeryState` → CSRF token
|
||||||
|
2. `POST /login/api/SignIn/SignIn/en-US` with `__RequestVerificationToken` header + `{Email, Password, FormsAuthReturnUrl}`
|
||||||
|
3. Cookies are set automatically: `ASP.NET_SessionId`, `.ASPXAUTH`, `ApplicationGatewayAffinity`, `AeonPrincipalCacheVersion`
|
||||||
|
|
||||||
|
### Export
|
||||||
|
- **Endpoint**: `POST /cs4/VueMachineList/ExcelExport`
|
||||||
|
- StreamSaver.js streams result as "Machine List.xlsx"
|
||||||
|
- 60+ configurable columns
|
||||||
|
- Credentials via env: `CANTALOUPE_EMAIL`, `CANTALOUPE_PASSWORD`
|
||||||
|
|
||||||
|
### Recommendation
|
||||||
|
Start with httpx-only (Option A). Fall back to Playwright-for-login (Option B) if needed.
|
||||||
|
|
||||||
|
See full investigation at: `~/.hermes/kanban/boards/cantaloupe-downloader/workspaces/t_54f0a481/investigation-findings.md`
|
||||||
Reference in New Issue
Block a user