yanis/weval-l99
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
db9bc4f7166e3eea9aefb3794de43df9275e21f0
weval-l99/v95b_session_inject.py
opus-wire 4af5cb0562 auto-wevia-master
2026-04-24 04:38:58 +02:00

75 lines
2.3 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""V95b - Inject WEVAL session cookie into browser persistent context
Following DOCTRINE #100 pattern
"""
import subprocess, json, os, asyncio, urllib.request
from playwright.async_api import async_playwright
SESSION_DIR = "/opt/weval-l99/browser-sessions/weval"
os.makedirs(SESSION_DIR, exist_ok=True)
# Step 1: Get session via localhost endpoint (server-side bypass)
import http.cookiejar
cookie_jar = http.cookiejar.CookieJar()
opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(cookie_jar))
req = urllib.request.Request(
"http://127.0.0.1/api/opus-test-session-v94.php?k=WEVADS2026",
headers={"Host": "weval-consulting.com"}
)
resp = opener.open(req)
data = resp.read().decode()
print(f"Session creator response: {data[:200]}")
# Extract PHPSESSID from cookie jar
session_id = None
for c in cookie_jar:
print(f" Cookie: {c.name}={c.value[:30]}... domain={c.domain}")
if c.name == "PHPSESSID":
session_id = c.value
if not session_id:
# Try to parse from response
try:
d = json.loads(data)
session_id = d.get("session_id")
except:
pass
if not session_id:
print("NO SESSION ID - falling back")
exit(1)
print(f"Got session_id: {session_id}")
# Step 2: Inject into persistent browser
async def inject():
async with async_playwright() as p:
context = await p.chromium.launch_persistent_context(
SESSION_DIR,
headless=True,
viewport={'width': 1920, 'height': 1080},
args=['--no-sandbox', '--disable-setuid-sandbox']
)
# Add PHPSESSID cookie for the domain
await context.add_cookies([{
"name": "PHPSESSID",
"value": session_id,
"domain": ".weval-consulting.com",
"path": "/",
"secure": True,
"httpOnly": True,
"sameSite": "Lax"
}])
# Verify by hitting auth-check
page = await context.new_page()
await page.goto("https://weval-consulting.com/api/auth-check.php", wait_until='load', timeout=15000)
status = await page.evaluate("() => ({ body: document.body.innerText.substring(0, 100), url: location.href })")
print(f"Auth check result: {status}")
await context.close()
print("INJECT DONE")
asyncio.run(inject())
Reference in New Issue View Git Blame Copy Permalink