homebridge-melcloud-control 4.0.0-beta.311 → 4.0.0-beta.313

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "displayName": "MELCloud Control",
3
3
  "name": "homebridge-melcloud-control",
4
- "version": "4.0.0-beta.311",
4
+ "version": "4.0.0-beta.313",
5
5
  "description": "Homebridge plugin to control Mitsubishi Air Conditioner, Heat Pump and Energy Recovery Ventilation.",
6
6
  "license": "MIT",
7
7
  "author": "grzegorz914",
@@ -42,7 +42,7 @@
42
42
  "puppeteer": "^24.26.1",
43
43
  "axios-cookiejar-support": "^6.0.4",
44
44
  "tough-cookie": "^6.0.0",
45
- "cheerio": "^1.1.2"
45
+ "jsdom": "^27.0.1"
46
46
  },
47
47
  "keywords": [
48
48
  "homebridge",
@@ -2,6 +2,7 @@ import axios from 'axios';
2
2
  import crypto from 'crypto';
3
3
  import { wrapper } from 'axios-cookiejar-support';
4
4
  import { CookieJar } from 'tough-cookie';
5
+ import { JSDOM } from 'jsdom';
5
6
  import EventEmitter from 'events';
6
7
 
7
8
  const MOBILE_USER_AGENT = 'MonitorAndControl.App.Mobile/35 CFNetwork/3860.100.1 Darwin/25.0.0';
@@ -137,24 +138,47 @@ class MelCloudHomeToken extends EventEmitter {
137
138
 
138
139
  async loginToMelCloudHome(url) {
139
140
  try {
141
+ // Step 1: Pobierz stronę logowania, żeby uzyskać sesję + token _csrf
142
+ const getResp = await axios.get(url, {
143
+ headers: {
144
+ 'User-Agent': 'Mozilla/5.0',
145
+ 'Accept': 'text/html',
146
+ },
147
+ withCredentials: true,
148
+ });
149
+
150
+ const cookies = getResp.headers['set-cookie'] || [];
151
+ const dom = new JSDOM(getResp.data);
152
+ const csrf = dom.window.document.querySelector('input[name="_csrf"]')?.value;
153
+
154
+ if (!csrf) {
155
+ throw new Error('CSRF token not found');
156
+ }
157
+
158
+ // Step 2: Przygotuj dane logowania
140
159
  const form = new URLSearchParams();
141
160
  form.append('username', this.user);
142
161
  form.append('password', this.passwd);
162
+ form.append('cognitoAsfData', '');
163
+ form.append('_csrf', csrf);
143
164
 
144
- const response = await axios({
145
- method: 'POST',
146
- baseURL: url,
165
+ // Step 3: Wyślij POST z danymi logowania
166
+ const postResp = await axios.post(url, form.toString(), {
147
167
  headers: {
148
- 'Content-Type': 'application/x-www-form-urlencoded'
168
+ 'Content-Type': 'application/x-www-form-urlencoded',
169
+ 'Cookie': cookies.join('; '),
170
+ 'Origin': 'https://auth.melcloudhome.com',
171
+ 'Referer': url,
172
+ 'User-Agent': 'Mozilla/5.0',
149
173
  },
150
- data: form.toString(),
151
- timeout: 10000
174
+ maxRedirects: 0, // ważne, bo Cognito robi redirect po sukcesie
175
+ validateStatus: status => [200, 302, 400].includes(status),
152
176
  });
153
177
 
154
- this.emit('warn', `No cookie returned from login. Response headers: ${JSON.stringify(response)}`);
178
+ this.emit('warn', `No cookie returned from login. Response headers: ${JSON.stringify(postResp)}`);
155
179
 
156
180
  if (response.status !== 200) {
157
- if (this.logError) this.emit('error', `Login failed with status code: ${response.status}`);
181
+ if (this.logError) this.emit('error', `Login failed with status code: ${postResp.status}`);
158
182
  return null;
159
183
  }
160
184