TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

Model S REST API

Discussion in 'Model S: User Interface' started by timdorr, Feb 2, 2013.

  1. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    I get the session cookie back in my curl cookie.jar using the first GET /login

    However when I try the POST /login with my tesla login and password I don't get back a cookie for the user credentials.

    What I do get back is HTML with the following CSRF meta data

    <meta content="authenticity_token" name="csrf-param" />
    <meta content="****A*TOKEN****" name="csrf-token" />
    <meta name="csrf-token" content="****A*TOKEN****">

    What I can't figure out is how to use the csrf-token for the subsequent requests using curl.
    Is the cookie supposed to be called "csrf-token" or "authenticity_token" or "user_credentials"?
    Are you sure this is just a cookie only and doesn't also need other HTTP header fields like X-CSRFToken?
    [FONT=Helvetica, sans-serif]
    [/FONT]
     
  2. widodh

    widodh Model S 85 and 100D

    Joined:
    Jan 23, 2011
    Messages:
    6,051
    Location:
    Middelburg, The Netherlands
    Do you sent the Cookie back you got with the first request?
     
  3. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    #43 hans, Feb 5, 2013
    Last edited: Feb 5, 2013
    Yes.

    The following GET /login works and sets a session cookie in the file firstcookie.txt

    curl -c firstcookie.txt https://portal.vn.teslamotors.com/login


    Then I run POST /login and use the session cookie with extra username and password and get back the CSRF in HTML (but no additional cookies are set)

    curl -u <username>:<password> -b firstcookie.txt -c secondcookie.txt https://portal.vn.teslamotors.com/login
     
  4. PureAmps

    PureAmps Model S P85 (#2817)

    Joined:
    Oct 22, 2012
    Messages:
    359
    Location:
    SF Bay Area
    The server doesn't use HTTP basic auth, you need to post them as parameters as expected by the API. Also, no need to do a GET in /login, the session cookie will be set on first access of any url. Try the following:

    Code:
    rm cookies.txt
    curl -b cookies.txt -c cookies.txt -H "Accept: application/json" -X POST -d "user_session[email]=USERNAME" -d "user_session[password]=PASSWORD" https://portal.vn.teslamotors.com/login
    curl -b cookies.txt -c cookies.txt -H "Accept: application/json" https://portal.vn.teslamotors.com/vehicles 
    Replace USERNAME/PASSWORD with your values. If you get back your vehicle info, you're good to go.
     
  5. widodh

    widodh Model S 85 and 100D

    Joined:
    Jan 23, 2011
    Messages:
    6,051
    Location:
    Middelburg, The Netherlands
    Try this:

     
  6. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    Works. You are right that there is no need to call the GET /login. Both cookies are set on the one POST /login

    $ curl -c cookie.txt -d "user_session=<myusername>&user_session[password]=<mypassword>" https://portal.vn.teslamotors.com/login

    $ curl -b cookie.txt https://portal.vn.teslamotors.com/vehicles

    $ curl -b cookie.txt https://portal.vn.teslamotors.com/vehicles/000/command/flash_lights

    {"reason":"","result":true}

    Yes!!! I just curled my Tesla from 3000 miles away from home.
     
  7. MrSniffer

    MrSniffer Member

    Joined:
    Jul 31, 2012
    Messages:
    17
    Location:
    Palo Alto, CA
    #47 MrSniffer, Feb 6, 2013
    Last edited: Feb 6, 2013
    Thanks to a bit of curl and a jot of cron, I woke up this morning to a nice, toasty Model S, despite the 34 degree outside air temperature. Thanks to everyone for guidance and info in making this possible, esp. aviators99.
     
  8. derekt75

    derekt75 Member

    Joined:
    Jul 16, 2012
    Messages:
    615
    Location:
    San Jose, CA
    Cool, I can see my car. battery_current is -0.8. I wonder what units that is.
    So, now we could make our own custom website so that we could send a command from the car to our website that would send a command to the Tesla portal, that would send a command back to the car, so that a button press on the touch screen flashes our headlights?
     
  9. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    Is there any documentation on the streaming interface?
     
  10. ClaytonTMC

    ClaytonTMC Member

    Joined:
    Jan 28, 2013
    Messages:
    17
    Location:
    Los Altos, CA
    A few days ago I was able to query the location and charging information on my car via the portal REST service. Interesting thing is: my car is still at the factory and was in "burn-in" phase. The GPS location was showing the Tesla factory. I've since been getting access denied messages indicating that I now need to turn on remote access, but was interesting.

    I've also noticed that most people have reported their model coming back as "MS01", but mine comes back with "MS02". I wonder if this is MY2012 vs. MY2013? It's not related to battery pack, as I have the 60kWH and others that get "MS01" have the same.

    Clayton
     
  11. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    All S60's are model year 2013 cars. My 60 kWh car say MS01 and BT60.
     
  12. ClaytonTMC

    ClaytonTMC Member

    Joined:
    Jan 28, 2013
    Messages:
    17
    Location:
    Los Altos, CA
    Hmm...Good point.

    Here's my option codes:
    "option_codes":"MS02,RENA,TM00,DRLH,PF00,BT60,PMTG,RFPO,WT21,IPMB,IDOM,TR00,SU01,SC01,TP01,AU01,CH01,HP00,PA00,PS00,AD02,X020,X025,X001,X003,X007,X011,X013"

    All but the MS02 seem to have been decoded.

    Clayton
     
  13. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    Is it just me or is the REST interface no longer allowing access other than via the mobile apps? Both curl and my node.js app both return HTML containing the following...

    <...>You do not have access, please contact [email protected]<...>
     
  14. ClaytonTMC

    ClaytonTMC Member

    Joined:
    Jan 28, 2013
    Messages:
    17
    Location:
    Los Altos, CA
    Just checked using CURL and I still seem to be able to access.

    Got back the expected results. I didn't re-authenticate, but used my existing session token. Just sent a request for a list of vehicles and it came back fine. Not sure if other queries are working, as my vehicle won't actually be here until Monday.
     
  15. widodh

    widodh Model S 85 and 100D

    Joined:
    Jan 23, 2011
    Messages:
    6,051
    Location:
    Middelburg, The Netherlands
  16. hans

    hans P631

    Joined:
    Sep 27, 2012
    Messages:
    1,132
    Location:
    Menlo Park
    #56 hans, Feb 7, 2013
    Last edited: Feb 7, 2013

    Looks like the user session cookie expired. I had to go back and do a GET /login to get a new session cookie and then POST /login and I was back in and able to GET /vehicles, etc.

    I guess it's not sustainable to assume you get both cookies set in one POST /login.
     
  17. PureAmps

    PureAmps Model S P85 (#2817)

    Joined:
    Oct 22, 2012
    Messages:
    359
    Location:
    SF Bay Area
    My guess is that after you take delivery, your car will start reporting MS01. It's probably a flag of some type that indicates if the vehicle is an "owner" vehicle or not. I guess after you take delivery, you can let us know. :)

    There is a User-Agent sent from the iPhone app. I don't have it in front of me at the moment, but it has the app version and info about the phone's OS/hardware as I recall.

    In either case, you should set a User-Agent header to something different from their app's user agent string (curl's default user agent string should be fine). It makes it easier for Tesla to isolate problems and not waste time tracking down what they may think is a "bug" in the app's communication with their servers. I'm all for playing with the API, but I don't think we should "trick" their servers into thinking that traffic is coming from the app.
     
  18. aviators99

    aviators99 Model S - R140

    Joined:
    Jan 1, 2010
    Messages:
    1,458
    Location:
    Weston, Florida, United States
    In the phone app thread, someone mentioned that you should be able to set an alert if the car is not plugged in at a certain time. Here's a bourne shell script to do that. You must fill in the 4 variables at the top.

    Code:
    #! /bin/sh
    
    HOME_DIRECTORY="HOMEDIR"
    TM_USERNAME="USERNAME"
    TM_PASSWORD="PASSWORD"
    ALERT_EMAIL="EMAILADDRESS"
    
    curl -s --cookie $HOME_DIRECTORY/cookie.jar -c $HOME_DIRECTORY/cookie.jar -X POST -F "user_session[email]=$TM_USERNAME" -F "user_session[password]=$TM_PASSWORD" -k "https://portal.vn.teslamotors.com/login" > /dev/null 2>&1
    
    vehicle=`curl -s --cookie $HOME_DIRECTORY/cookie.jar -c $HOME_DIRECTORY/cookie.jar -k "https://portal.vn.teslamotors.com/vehicles" | awk -F, '{for(i=1;i<NF;i++){if($i ~ /"id":.*/) {print  substr($i,6)} }}'`
    
    if [ "$vehicle" == "" ]; then
       echo "Could not communicate with vehicle"
       exit 0
    fi
    
    ps=`curl -s --cookie $HOME_DIRECTORY/cookie.jar -c $HOME_DIRECTORY/cookie.jar -k "https://portal.vn.teslamotors.com/vehicles/$vehicle/command/charge_state" | awk -F, '{for(i=1;i<NF;i++) {if($i ~ /".*pilot_current":.*/) {print substr($i,25)} }}'`
    
    if [ "$ps" == "" ]; then
       echo "Could not communicate with vehicle"
       exit 0
    fi
    
    if [ "$ps" == "0" ]; then
       echo "Not plugged in"
       Mail -s 'Car not plugged in!' $ALERT_EMAIL < /dev/null
       exit 1
    else
       echo "Plugged in"
       exit 1
    fi
    
     
  19. Zas

    Zas Sig. Performance #2113

    Joined:
    Dec 24, 2012
    Messages:
    177
    Location:
    Toronto
    Thanks Aviators99 ! This sounds really cool, but i have no experience how to install and run this script, can you provide a helpful link for newbies ?
     
  20. zax123

    zax123 CDN Model S P308

    Joined:
    Jun 4, 2012
    Messages:
    906
    Location:
    Candiac, QC, CAN
    Zas,

    Just so you know, you'll need a machine running some flavor of Linux or perhaps Mac OS or CygWin or a virtual machine on Windows to run this script. It's not a native script for Windows... Once you've got that setup, you'll need to learn this ins and outs of cron (a built-in timer/automated task system in GNU systems like Linux).

    If all this doesn't sound daunting, then by all means, continue the research. :) If it does, I'm sure the app will soon provide timer-based events which will make this a lot easier.
     

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


    SUPPORT TMC