Media wiki second POST still returns NeedToken result

Question

After first POST request I get "NeedToken" result then in my second POST request I pass token and sessionid as parameters. Here is my Javascript code:

function wiki_auth(login, pass, ref){
    $.post(ref+'api.php?action=login&lgname=' + login +
            '&lgpassword=' + pass + '&format=json', function(data) {
        if(data.login.result == 'NeedToken') {
            $.post(ref+'api.php?action=login&lgname=' + login +
                    '&lgpassword=' + pass + '&lgtoken='+data.login.token+'&format=json&sessionid='+data.login.sessionid+'&lgdomain='+ref,
                    function(data) {
                if(!data.error){
                   if (data.login.result == "Success") {
                        document.location.href=ref;
                   } else {
                        console.log('Result: '+ data.login.result);
                   }
                } else {
                   console.log('Error: ' + data.error);
                }
            });
        } else {
            console.log('Result: ' + data.login.result);
        }
        if(data.error) {
            console.log('Error: ' + data.error);
        }
    });
}

I am not sure if I need to pass something else as well.

Answer 1

You will need to actually POST the parameters as data (in the body of the HTTP request), not append them to the GET parameters in the url. Use

$.post(ref+'api.php?action=login&format=json', {
    lgname: login,
    lgpassword: pass,
    lgtoken: data.login.token,
    sessionid: data.login.sessionid,
    lgdomain: ref
}, function(data) { … });