Open Microscopy Environment

Hi,
I'm probably missing something obvious but is there a way to programmatically (in Python) passing login credentials to WebGateway and WebClient URL calls? I want to retrieve data from an OMERO instance (without a public user) through those convenient access methods but doing it all from a Python script.
Thanks,
- Damir

Hi Damir,

Here's a Python script that logs in and retrieves json data via webgateway urls using the requests library http://docs.python-requests.org/

https://gist.github.com/will-moore/36c0 ... aabc028d70

A full list of the webgateway urls is at http://downloads.openmicroscopy.org/ome ... teway.urls (although you may find the source code easier to read!
https://github.com/openmicroscopy/openm ... ay/urls.py

I'm afraid the functionality provided by the current webgateway json urls is a kinda limited.

The webclient uses a different set of urls to load json data for the tree. These urls are prefixed with 'api' in https://github.com/openmicroscopy/openm ... nt/urls.py
One way to explore these is to use the development tools in your browser to see what urls are being accessed (E.g. "Network" tab of Chrome dev tools) while you're browsing the tree.
The only caveat is that webclient urls are not really considered a public 'API' and may change in minor releases.

We have started working on a new json api that will provide much more complete api coverage than the current webgateway urls. Hopefully you should see the first part of this in 5.3.0.

Regards,

Will.

Hi Will,

Thanks much for the quick response and clear instructions. The piece of example code is great and makes sense. One problem: the session.post() call results in a 403 error back from the server. My server runs nginx over https. Does that require some additional code to handle the login process? I'm sure that is all in http://docs.python-requests.org/en/master/ but a bit too complex for me to easily understand.

Thanks,
- Damir

Hi Damir

OMERO.web offers only session based authentication. You have to obtain CSRF token from the login page first

Code: Select all

>>> login_url = "https://server.openmicroscopy.org/webclient/login/"
>>> client = requests.session()
>>> client.get(login_url)
>>> csrftoken = client.cookies['csrftoken']
>>> data = {'username': "user", 'password': "secret", 'server': 1, 'noredirect':1, 'csrfmiddlewaretoken':csrftoken}
>>> r = client.post(login_url, data=data, headers=dict(Referer=login_url))
>>> print r.content
OK


Make sure you include a valid CSRF token for any following "unsafe" HTTP method calls in your script.

Ola

You are right, Will's example doesn't work also because of lack of referrer, I updated my previous post.

Ola

Hi Ola,

This works great with my https/nginx server. Thanks!
I actually managed to get the code in Will's example to work when connecting to the Django development server which was running over http. But everything is much better with the real and secure web server.

Indeed, I'm using the 'client' session id for all subsequent requests and that works very well. What is actually the appropriate way to close that session to make sure any resources are released at the end of my script?

The webgateway json tools may be a bit limited but are quite usable. Looking forward to an even better json API in 5.3 and future versions.

Cheers,
- Damir

Hi Damir,

Simply logging out is sufficient to close the session:

Code: Select all

logout_url = BASE_URL + "webclient/logout/"
r = session.post(logout_url, headers=dict(Referer=login_url))


Regards,

Will.

Hi Damir,

dsudar wrote:This works great with my https/nginx server. Thanks!
I actually managed to get the code in Will's example to work when connecting to the Django development server which was running over http. But everything is much better with the real and secure web server.

That is because script have to set referrer, that check is absolutely necessary for the security of Django's CSRF protection. Without it, Django won't prevent MITM attacks on SSL sites.

Ola