sessiongenerate — Generates a session that can be used to setup a cookie for accessing the site with a user's privileges.
Generates a session that can be used to setup a cookie for accessing the site with a user's privileges.
The protocol request mode:
Username. Leading and trailing whitespace is ignored, as is case.
The authentication method used for this request. Default is 'clear', for plain-text authentication. 'cookie' or any of the challenge-response methods are also acceptable.
Deprecated. Password in plain-text. For the default authentication method, either this needs to be sent, or
Deprecated. Alternative to plain-text
password. Password as an MD5 hex digest. Not perfectly secure, but defeats the most simple of network sniffers.
If using challenge-response authentication, this should be the challenge that was generated for your client.
If using challenge-response authentication, this should be the response hash you generate based on the challenge's formula.
(Optional) Protocol version supported by the client; assumed to be 0 if not specified. See Chapter 27, Protocol Versions for details on the protocol version.
(Optional) Sessions can either expire in a short amount of time or last for a long period of time. You can specify either "short" or "long" as the value of this parameter. Short is 24 hours, long is 30 days.
(Optional) If specified and true, this will cause the server to generate a session that is only valid from the IP address the sessiongenerate request was sent from. If you leave out this value, it will default to allowing any IP address to use this session information.
OK on success or
FAIL when there's an error. When there's an error, see
errmsg for the error text. The absence of this variable should also be considered an error.
The error message if
FAIL, not present if
OK. If the success variable is not present, this variable most likely will not be either (in the case of a server error), and clients should just report "Server Error, try again later.".
This part of the response contains the actual session data. If you use the complete contents of this element as a cookie named "ljsession" then you will be able to access the site using the privileges of the user you authenticated as.