DeviantART login update August 2013

From Botdom Wiki
Jump to: navigation, search
The correct title of this article is deviantART login update August 2013. The initial letter is capitalized due to technical limitations.

Login process update

On August 13, 2013 deviantART updated the login process, adding two minor changes to the forms used. These changes render all non-oAuth authtoken grabbing tools and dAmn bots without a way to login to dAmn.


Changes

The changes include adding two hidden values to the forms. A validate_token and validate_key. The validate_token appears to always be 20 characters long, while the validate_key is 10 characters long. Both of these values must be grabbed from one of the login forms prior to sending a login request. The easiest method is to request https://www.deviantart.com/users/rockedout

The request to the login page must now be in the following format:

&username=USERNAME&password=PASSWORD&remember_me=1&validate_token=TOKEN&validate_key=KEY

Where TOKEN and KEY are the values scraped from the page mentioned above. It is important that cookies be maintained over the various requests. Otherwise, you will be redirected to a "bad form" page. Once logged in, you should discard the first "userinfo" cookie you got from scraping the first page, as you now have a new one.


Fixes

  • Change authtoken grabbing code to meet the above requirements.