NStar Login
Login to the NStar website https://nstar.com using node.js
Design
NStar uses a 2-step login process. First this module submits the login form with the username and password. If the username and password are correct, NStar returns a page with a secret question. A post request with the answer to secret question must be submitted and then account homepage is returned.
Usage
To run the example below you must first install the required modules
npm install -S eyespect nstar-login
var inspect = var login = var userData = username: 'fooUsername' password: 'barPassword' secrets: 'What is your favorite movie': 'Home Alone' 'What is your mothers maiden name': 'Smith' 'What is the name of your oldest nephew?': 'Tom'
Login Form
To login issue a post request to the url https://nstar.com/NSTAR/Default.aspx. The following fields must be submitted with the post request
{
"__VIEWSTATE": "/wEPDwUKMTQxMDk5NzkzNg9kFgJmD2QWAgIBD2QWAgIDD2QWAgIBD2QWAgIBD2QWBGYPFgIeB1Zpc2libGVoFgYCAQ8WAh8AaGQCAw8WAh8AaGQCBQ8WAh8AaGQCCA8WAh4Fc3R5bGUFfXdpZHRoOjBweDtwYWRkaW5nOjA7aGVpZ2h0OjEwMCU7YmFja2dyb3VuZC1jb2xvcjojQzREM0UzO2JvcmRlci10b3A6MXB4IHNvbGlkICM0NDQ7Ym9yZGVyLWJvdHRvbToxcHggc29saWQgIzQ0NDtkaXNwbGF5Om5vbmU7ZBgCBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUiY3RsMDAkTWFpbiRMb2dpbkJveCRjYkxCUmVtZW1iZXJNZQUSY3RsMDAkTWFpbiRtdkxvZ2luDw9kZmQeVNtSkk/ZK/B4mgmxqXRe/KuPLg==",
"__EVENTVALIDATION": "/wEWCAKT+InMBALAgpxNAvLyy8gHAqfWyUACgsTihAICm5274gECnZD4ngUCtJXpsg+nzIR8FBaarsVtHKxb3YI2bPdBEQ==",
"__SubmitToken": "foo",
"ctl00$Main$LoginBox$UserName": "usernameHere",
"ctl00$Main$LoginBox$Password": "passwordHere",
"ctl00$Main$LoginBox$btLogin": ""
}
The __VIEWSTATE
and __EVENTVALIDATION
values can be fetched from the page located at https://secure8.i-doxs.net/NSTAR/Default.aspx
On a successful login post, the NStar server will return a 302
redirect status code and set-cookie
header. There should be a header Location: /NSTAR/Secure/SecretQuestion.aspx
Secret Question
After the login is successful, NStar presents a page which asks for a response to a secret question. To pass the secret question test, issue a post request to the url https://secure8.i-doxs.net/NSTAR/Secure/SecretQuestion.aspx.
After answering the secret question correctly, the NStar server will return a 302
redirect status code and set-cookie
header. There should be a header Location: /NSTAR/Secure/Home.aspx
To submit the secret question, the following fields must be set
{
"__VIEWSTATEFIELDCOUNT": "7",
"__VIEWSTATE": "foo...",
"__VIEWSTATE1": "foo...",
"__VIEWSTATE2": "foo...",
"__VIEWSTATE3": "foo...",
"__VIEWSTATE4": "foo...",
"__VIEWSTATE5": "foo...",
"__VIEWSTATE6": "foo...",
"__VIEWSTATE7": "foo...",
"__EVENTVALIDATION": "/wEWLAKbwpWiCgLY1OD0CwLAgpxNAvLyy8gHAqWxrtkEAuH",
"ctl00$Main$txtAnswer": "secretAnswerHere",
"ctl00$Main$btnSubmit": "anyValueButThisKeyMustBeSet"
}