W
W
WiFi Pineapple - 6th Gen: NANO / TETRA
Search…
WiFi Pineapple NANO/TETRA
Getting Started
About the WiFi Pineapple NANO/TETRA
The WiFi Auditing Workflow
The PineAP Suite
The Web Interface
Upgrading the Firmware
Setup
Setup Basics
WiFi Pineapple NANO - Linux Setup
WiFi Pineapple NANO - Windows Setup
WiFi Pineapple TETRA - Linux Setup
Internet Connectivity
Internet Connectivity Basics
Internet Connection Sharing on Kali Linux
Internet Connection Sharing over Ethernet in Windows
Internet Connection Sharing over Ethernet in Linux
Wired Internet Connection
WiFi Client Mode
Console Access
Console Access Basics
Secure Shell
Serial Access - WiFi Pineapple TETRA
Working with PineAP from the CLI
Basics of WiFi Operation
Basics of WiFi Operation
Radios and Chipsets
Stations and Base Stations
Transmit Power
Channels and Regions
Protocols
Modes of Operation
Logical Configurations
MAC Address
Broadcast Address
Service Sets and Identifiers
Management Frames
Frame Types
Frames and Frame Structure
Frame Injection
Association States
FAQ / Troubleshooting
Serial Console on the WiFi Pineapple TETRA
Ethernet on the WiFi Pineapple TETRA
LED Status Indicators
Power Considerations
Factory Reset
Firmware Recovery
Manual Firmware Installation
Development
Legacy WiFi Pineapple Mark V Modules (Infusions)
Specifications and Power Considerations
WiFi Pineapple NANO/TETRA Module API - Introduction
WiFi Pineapple NANO/TETRA Module API - Authentication
WiFi Pineapple NANO/TETRA Module API - Modules
WiFi Pineapple NANO/TETRA Module API - module.php API
Creating WiFi Pineapple NANO/TETRA Modules
Powered By GitBook
WiFi Pineapple NANO/TETRA Module API - Authentication

AUTHENTICATION

(Please note that extra authentication parameters are not required when using the angular module api due to the fact that client side module components are loaded after the user authenticates their browser)There are a couple ways to authenticate with the pineapple. Requests sent via the web interface use a PHPSESSID cookie as well as an X-XSRF-TOKEN header. The pineapple will verify that the session is valid and logged in and that the XSRF token matches the one generated at the start of the session. If both of these conditions are met, the request is routed. An example of a request sent by chrome is as follows:
1
POST /api/ HTTP/1.1
2
Host: 172.16.42.1:1471
3
Connection: keep-alive
4
Content-Length: 55
5
Accept: application/json, text/plain, */*
6
Origin: http://172.16.42.1:1471
7
X-XSRF-TOKEN: b01c5046faa2f8ffbed6f2fdd90a5605e6c505e3
8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
9
Content-Type: application/json;charset=UTF-8
10
Referer: http://172.16.42.1:1471/
11
Accept-Encoding: gzip, deflate
12
Accept-Language: en-US,en;q=0.8
13
Cookie: PHPSESSID=cfd6b0bb983666362cae311c457d1d34; XSRF-TOKEN=b01c5046faa2f8ffbed6f2fdd90a5605e6c505e3
14
15
{"system":"notifications","action":"listNotifications"}
Copied!
This type of authentication is awkward and clumbsy to implement programmatically. Because of this, we have added a new way to authenticate with the WiFi Pineapple: API tokens. Though API tokens are supported by default, the pineapple is shipped without any valid tokens. The process of generating API tokens is simplified by the API Tokens module. After a token has been generated, it can be sent as an additional parameter. To use an API token, simply add an additional apiToken key to the request body. For example, to add a notification, one could send the following JSON request:
1
{
2
"system": "notifications",
3
"action": "addNotification",
4
"message": "Hello World!",
5
"apiToken": "7365626b696e6e652063616e7420636f6465202724ef6b5d7ac0b800cc83d474e8e007"
6
}
Copied!
If the apiToken parameter is valid, the request will be route; otherwise an error will be returned.
Development - Previous
WiFi Pineapple NANO/TETRA Module API - Introduction
Next - Development
WiFi Pineapple NANO/TETRA Module API - Modules
Last modified 2mo ago
Copy link