Log into https://accointing.com using Python
New here? Learn about Bountify and follow @bountify to get notified of new bounties! x

Write a Python Script to log into https://accointing.com.

Key Points: The solution should use lightweight libraries such as requests and urllib but NOT selenium. The code should produce a session that logs into the website and allows you to see your portfolio -- no parsing required.

awarded to alexanderk23

Crowdsource coding tasks.

1 Solution


Nothing is impossible. You just have to mimic the JS behavior to get the access token and then use it to query the site API directly like that:

import requests
import secrets
from urllib import parse

# Put your credentials here:
USERNAME = 'username@gmail.com'
PASSWORD = 'YOUR_PASSWORD'

HEADERS = {'Referer': 'https://www.accointing.com/'}
CLIENT_ID = 'u3qx7ShifL7jKO58J8Qk5oIYmUmn17KX'
REALM = 'Username-Password-Authentication'


def get_login_ticket(session, username, password):
    data = {
        "client_id": CLIENT_ID,
        "credential_type": "http://auth0.com/oauth/grant-type/password-realm",
        "password": password,
        "realm": REALM,
        "username": username,
    }

    result = session.post(
        'https://auth.accointing.com/co/authenticate', headers=HEADERS, data=data)

    return result.json()['login_ticket']


def get_access_token(session, login_ticket):
    params = {
        'client_id': CLIENT_ID,
        'response_type': 'token id_token',
        'redirect_uri': 'https://www.accointing.com/app/callback',
        'scope': 'openid profile',
        'audience': 'http://localhost:5000/api',
        'realm': REALM,
        'state': secrets.token_urlsafe(),
        'nonce': secrets.token_urlsafe(),
        'login_ticket': login_ticket,
    }

    result = session.get(
        'https://auth.accointing.com/authorize', headers=HEADERS, params=params, allow_redirects=False)

    fragment = parse.urldefrag(result.headers['Location']).fragment
    return parse.parse_qs(fragment)['access_token'][0]


if __name__ == '__main__':
    session = requests.Session()
    ticket = get_login_ticket(session, USERNAME, PASSWORD)
    token = get_access_token(session, ticket)

    # From now on, you can use the obtained access token to query the backend API:

    headers = {
        "Authorization": f"Bearer {token}",
        "Referer": "https://www.accointing.com/",
    }

    user = session.get(
        "https://www.accointing.com/api/data/users/getUser", headers=headers)

    print(user.json())
Really awesome, thanks a lot!
fadihi over 1 year ago
Thank you!
alexanderk23 over 1 year ago