[Solved, sort of] zmNinja API Access Error iOS 12

Discussion topics related to mobile applications and ZoneMinder Event Server (including machine learning)
Post Reply
mattspc
Posts: 13
Joined: Wed Aug 10, 2016 12:26 pm

[Solved, sort of] zmNinja API Access Error iOS 12

Post by mattspc »

I have a single device running zmNinja pro v1.3.039 that does not load zoneminder.

I've upgraded my ZM underlying OS to ubuntu 18.04 this evening from 17.x. My deployment sits behind an nginx reverse proxy running Ubuntu 18.04(no changes)

Other then needing to set the php timezone the upgrade went smooth. I can access ZM via a web browser from my phone and other devices.

zmNinja Mac OS X client v.1.3.39 - works, no issues
zmNinja iPhone client v1.3.039 running iOS 12.1.2 seems to login but I then receive an API error
zmNinja iPhone client v1.3.039 running iOS 11.4.1 - works, no issues

When I point the zmNinja client of my non-working phone directly to the IP vs the reverse proxy running nginx zmNinja loads zoneminder. Other than the CSRF error this is a bit of a head scratcher.

getVersion.json
{
"version": "1.32.3",
"apiversion": "1.0"
}

###
Here is the nginx log
###
10.0.1.194 - - [29/Dec/2018:20:39:42 -0500] "POST /zm/index.php?view=console HTTP/1.1" 403 462 "-" "zmNinja/1.3.039 (iPhone; iOS 12.1.2; Scale/2.00)"
10.0.1.194 - - [29/Dec/2018:20:39:42 -0500] "POST /zm/api/host/login.json HTTP/1.1" 200 138 "-" "zmNinja/1.3.039 (iPhone; iOS 12.1.2; Scale/2.00)"
10.0.1.194 - - [29/Dec/2018:20:39:43 -0500] "POST /zm/index.php?view=console HTTP/1.1" 403 463 "-" "zmNinja/1.3.039 (iPhone; iOS 12.1.2; Scale/2.00)"
10.0.1.194 - - [29/Dec/2018:20:39:43 -0500] "POST /zm/api/host/login.json HTTP/1.1" 200 138 "-" "zmNinja/1.3.039 (iPhone; iOS 12.1.2; Scale/2.00)"


###
Here is the log from my zmNinja client on the non-working iOS device.
###
Dec 29, 2018 08:26:53 PM INFO Login data not changed, not saving
Dec 29, 2018 08:30:56 PM INFO -->Clearing online/offine
Dec 29, 2018 08:30:56 PM INFO ROOT APP:App is going into background
Dec 29, 2018 08:30:56 PM INFO Clearing error/close cbk, disconnecting and deleting Event Server socket...
Dec 29, 2018 08:30:56 PM INFO Cancelling zmAutologin timer
Dec 29, 2018 08:32:01 PM INFO ******* resumeHandler device ready
Dec 29, 2018 08:32:01 PM INFO App is resuming from background
Dec 29, 2018 08:32:01 PM INFO -->Re-registering online/offine
Dec 29, 2018 08:32:01 PM DEBUG going to portal login
Dec 29, 2018 08:32:01 PM INFO Entering Portal Main
Dec 29, 2018 08:32:02 PM DEBUG Inside Portal login Enter handler
Dec 29, 2018 08:32:02 PM INFO User credentials are provided
Dec 29, 2018 08:32:02 PM INFO not checking for touchID
Dec 29, 2018 08:32:02 PM DEBUG unlock called with check PIN=true
Dec 29, 2018 08:32:02 PM DEBUG PIN code entered is correct, or there is no PIN set
Dec 29, 2018 08:32:02 PM INFO Cancelling zmAutologin timer
Dec 29, 2018 08:32:02 PM DEBUG Clearing cookies
Dec 29, 2018 08:32:02 PM INFO https://fqdn.mydomain.com/zm=>Logging out of any existing ZM sessions...
Dec 29, 2018 08:32:02 PM DEBUG Logging out using Web method
Dec 29, 2018 08:32:02 PM DEBUG *** Inside native HTTP error: {"status":403,"headers":{"pragma":"no-cache","content-type":"text/html; charset=UTF-8","set-cookie":"ZMSESSID=5uu80rbujqu4id806r6f65hpqi; path=/; HttpOnly, zmSkin=classic; expires=Tue, 07-Nov-2028 01:32:02 GMT; Max-Age=311040000, zmCSS=base; expires=Tue, 07-Nov-2028 01:32:02 GMT; Max-Age=311040000","server":"nginx/1.14.0 (Ubuntu)","cache-control":"no-store, no-cache, must-revalidate","connection":"keep-alive","date":"Sun, 30 Dec 2018 01:32:02 GMT","content-encoding":"gzip","expires":"Thu, 19 Nov 1981 08:52:00 GMT","transfer-encoding":"Identity"},"url":"https://fqdn.mydomain.com/zm/index.php? ... title>CSRF check failed</title><script type=\"text/javascript\">if (top != self) {top.location.href = self.location.href;}</script><script type=\"text/javascript\">var csrfMagicToken = \"key:034a62c6f58bcb0c74941c3e21989a04dbe4febb,1546133522\";var csrfMagicName = \"__csrf_magic\";</script><script src=\"includes/csrf/csrf-magic.js\" type=\"text/javascript\"></script></head>\n <body>\n <p>CSRF check failed. Your form session may have expired, or you may not have\n cookies enabled.</p>\n <form method='post' action=''><input type='hidden' name='__csrf_magic' value=\"key:034a62c6f58bcb0c74941c3e21989a04dbe4febb,1546133522\" /><input type=\"hidden\" name=\"action\" value=\"logout\" /><input type=\"hidden\" name=\"view\" value=\"login\" /><input type='submit' value='Try again' /></form>\n <p>Debug: </p><script type=\"text/javascript\">CsrfMagic.end();</script></body></html>\n"}
Dec 29, 2018 08:32:02 PM DEBUG Resetting zmCookie...
Dec 29, 2018 08:32:02 PM INFO zmAutologin called
Dec 29, 2018 08:32:02 PM DEBUG API based login returned...
Dec 29, 2018 08:32:02 PM DEBUG Setting server version to:1.32.3
Dec 29, 2018 08:32:02 PM INFO Stream authentication construction: &auth=1228418592b25492063cd3de1d2f5b48
Dec 29, 2018 08:32:02 PM INFO zmAutologin successfully logged into Zoneminder via API
Dec 29, 2018 08:32:02 PM DEBUG auth-success broadcast:Successful
Dec 29, 2018 08:32:02 PM DEBUG PortalLogin: auth success
Dec 29, 2018 08:32:02 PM DEBUG getAPIversion called with https://fqdn.mydomain.com/zm/api/host/getVersion.json
Dec 29, 2018 08:32:02 PM DEBUG **EXCEPTION**TypeError: undefined is not an object (evaluating 'data.data.config.Value') caused by undefined
Dec 29, 2018 08:32:02 PM DEBUG Setting APIValid to false as API version was not retrieved
Dec 29, 2018 08:32:02 PM DEBUG Setting server version to:
Dec 29, 2018 08:32:02 PM INFO API Error handler: going to login getAPI returned error: "-1.-1.-1"
Dec 29, 2018 08:32:02 PM DEBUG Doing the Aaron Hack after 1 sec....
Dec 29, 2018 08:32:03 PM DEBUG Clearing cookies
Dec 29, 2018 08:32:03 PM INFO https://fqdn.mydomain.com/zm=>Logging out of any existing ZM sessions...
Dec 29, 2018 08:32:03 PM DEBUG Logging out using Web method
Dec 29, 2018 08:32:03 PM DEBUG *** Inside native HTTP error: {"status":403,"headers":{"pragma":"no-cache","content-type":"text/html; charset=UTF-8","set-cookie":"ZMSESSID=fav8b3n0f9brmu9irmtmbbvn1r; path=/; HttpOnly, zmSkin=classic; expires=Tue, 07-Nov-2028 01:32:03 GMT; Max-Age=311040000, zmCSS=base; expires=Tue, 07-Nov-2028 01:32:03 GMT; Max-Age=311040000","server":"nginx/1.14.0 (Ubuntu)","cache-control":"no-store, no-cache, must-revalidate","connection":"keep-alive","date":"Sun, 30 Dec 2018 01:32:03 GMT","content-encoding":"gzip","expires":"Thu, 19 Nov 1981 08:52:00 GMT","transfer-encoding":"Identity"},"url":"https://fqdn.mydomain.com/zm/index.php? ... title>CSRF check failed</title><script type=\"text/javascript\">if (top != self) {top.location.href = self.location.href;}</script><script type=\"text/javascript\">var csrfMagicToken = \"key:4914510d005f02e8415e635f2e1ef122bb8f75bf,1546133523\";var csrfMagicName = \"__csrf_magic\";</script><script src=\"includes/csrf/csrf-magic.js\" type=\"text/javascript\"></script></head>\n <body>\n <p>CSRF check failed. Your form session may have expired, or you may not have\n cookies enabled.</p>\n <form method='post' action=''><input type='hidden' name='__csrf_magic' value=\"key:4914510d005f02e8415e635f2e1ef122bb8f75bf,1546133523\" /><input type=\"hidden\" name=\"action\" value=\"logout\" /><input type=\"hidden\" name=\"view\" value=\"login\" /><input type='submit' value='Try again' /></form>\n <p>Debug: </p><script type=\"text/javascript\">CsrfMagic.end();</script></body></html>\n"}
Dec 29, 2018 08:32:03 PM DEBUG Resetting zmCookie...
Dec 29, 2018 08:32:03 PM INFO zmAutologin called
Dec 29, 2018 08:32:03 PM DEBUG API based login returned...
Dec 29, 2018 08:32:03 PM DEBUG Setting server version to:1.32.3
Dec 29, 2018 08:32:03 PM INFO Stream authentication construction: &auth=1228418592b25492063cd3de1d2f5b48
Dec 29, 2018 08:32:03 PM INFO zmAutologin successfully logged into Zoneminder via API
Dec 29, 2018 08:32:03 PM DEBUG auth-success broadcast:Successful
Dec 29, 2018 08:32:03 PM DEBUG 2nd auth login worked
Dec 29, 2018 08:32:03 PM DEBUG getAPIversion called with https://fqdn.mydomain.com/zm/api/host/getVersion.json
Dec 29, 2018 08:32:03 PM DEBUG **EXCEPTION**TypeError: undefined is not an object (evaluating 'data.data.config.Value') caused by undefined
Dec 29, 2018 08:32:03 PM DEBUG Setting APIValid to false as API version was not retrieved
Dec 29, 2018 08:32:03 PM DEBUG Setting server version to:
Dec 29, 2018 08:32:03 PM DEBUG 2nd auth API failed, going to login
Dec 29, 2018 08:32:03 PM INFO In Auth State trans: Not logged in, requested to go to {"data":{"requireLogin":false},"cache":false,"url":"/invalidapi","templateUrl":"templates/invalidapi.html","controller":"zmApp.InvalidApiCtrl","name":"app.invalidapi"}
Dec 29, 2018 08:33:14 PM INFO In Auth State trans: Not logged in, requested to go to {"data":{"requireLogin":false},"cache":false,"url":"/invalidapi","templateUrl":"templates/invalidapi.html","controller":"zmApp.InvalidApiCtrl","name":"app.invalidapi"}
Last edited by mattspc on Sun Dec 30, 2018 1:52 am, edited 1 time in total.
mattspc
Posts: 13
Joined: Wed Aug 10, 2016 12:26 pm

Re: zmNinja API Access Error iOS 12

Post by mattspc »

I deleted the app on my phone and reinstalled. All the settings were still there and everything works again. Odd but hopefully this will help someone else.
Post Reply