No announcement yet.

Login API

  • Filter
  • Time
  • Show
Clear All
new posts

  • Login API


    I am working on a Spring Boot application to integrate with your service. While I have had the account for 10 years, I havent put much effort into growing this business. My goal for 2020 is to build a enterprise grade site to integrate with resellerspanel and in 2021 to actually start building the brand. Having said that I am currently working on the login feature of my service. I will essentially be using your login form (since I dont see any option in the API) to validate my clients. However they will will be redirected to one of my portals if they are validated instead of directly to their control panel. Within my portal they will have a link to their control panel. My code will be something like the following in my controller:

    public void login(@ModelAttribute("userLogin") UserLogin userLogin, HttpServletResponse response) throws IOException {
    //TODO: remove localhost and make variable
    String responseUrl = URLEncoder.encode("http://localhost:8080", StandardCharsets.UTF_8.toString());
    String url = "" + userLogin.getUsername()
    + "&password="+ userLogin.getPassword() + "&returnURL=" + responseUrl;

    ResponseEntity<String> responseEntity = resellersPanel.postForEntity(url ,null ,String.class);

    if(null!= responseEntity.getHeaders().getLocation() && responseEntity.getStatusCodeValue() == 302) {
    response.sendRedirect(responseEntity.getHeaders(). getLocation().toString() + "&returnURL=" + responseUrl);

    Because I am coding it this way there are some concerns I have.

    1. Since the login attempts will be coming from my server's IP's, are there any limits on the login attempts from a particular IP? If so I will have to scrap this whole approach.

    2. If my post fails, it simply returns the HTML for the site, without any info like invalid login or anything, Is there a way to get an actual message back instead of the html? If so is this documented anywhere?

    Thanks in advance,

  • #2

    Thank you for contacting our Technical Support Department.

    There are limitations on the failed login attempts from a single IP address. If 10 failed login attempts are made from the same IP within 15 minutes the address is being temporary blocked by our system. The duration of the block depends on the number and rate at which failed logins are being submitted.

    Regarding your login page - The login posts must be made directly to our system, and not being sent via your own system. The actual error responses are not being sent to third parties intentionally to avoid the possibility of them being used to compromise specific client's login credentials.

    Let us know if there is anything else we can be of assistance with.

    Best Regards,
    Nick Green,
    Technical Support Department.