This API is primarily used by browser based clients to process a login request. A supplied username/password combination is verified and if correct the authorisation details are loaded.
Input Arguments
Arg# | Name | Description |
8 | Required. Must be "retailmax.elink.teller.login" | |
200 | Username | The login name to be validated. This field MUST be supplied as MD5 value |
201 | Password | The password to be validated. This field MUST be supplied as MD5 value |
250 | UserAgent | The user agent for the browser. Optional but recommended if possible. |
Notes
There is a mandatory pause on this API in the case of failure. This means that if the username and password are not a valid match there will be a delay, typically around 3 seconds. This delay is by design and to ensure that automated password crackers are limited to the speed at which combinations can be checked.
Examples
Typical javascript to accept a username and password on a form a validate the user
// Request authorisation var xPacket = "<DATI><f8_s>retailmax.elink.teller.login</f8_s><f11_B>I</f11_B>"; xPacket += "<f200_s>"+GdsMakeMD5(document.getElementById("login_user").value.toLowerCase())+"</f200_s>"; xPacket += "<f201_s>"+GdsMakeMD5(document.getElementById("login_pass").value)+"</f201_s>"; xPacket += "<f250_s>"+GdsMakeXML(navigator.userAgent)+"</f250_s>"; xPacket += "</DATI>"; PostXML_RetOjectForGNAP("/dati", xPacket, "DoLogin3Cb", 0, false); return;