from fastapi import FastAPI, HTTPException import httpx from bs4 import BeautifulSoup from datetime import datetime, timedelta app = FastAPI(title="iVasMS API (GET only)") LOGIN_URL = "https://www.ivasms.com/login" DASHBOARD_URL = "https://www.ivasms.com/portal" SMS_URL = "https://www.ivasms.com/portal/sms/received/getsms" client = httpx.Client( follow_redirects=True, headers={ "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-US,en;q=0.9", "Connection": "keep-alive", }, timeout=30.0 ) session_ready = False csrf_token = None @app.get("/") def root(): return { "login": "/login?email=EMAIL&password=PASSWORD", "status": "/status", "sms": "/sms", "logout": "/logout" } @app.get("/login") def login(email: str, password: str): global session_ready, csrf_token # Step 1: open login page (for cookies) client.get(LOGIN_URL) # Step 2: submit login (NO CSRF HERE) data = { "email": email, "username": email, "password": password } res = client.post(LOGIN_URL, data=data) if "login" in str(res.url): session_ready = False raise HTTPException(401, "Login failed") # Step 3: open dashboard, get CSRF token dash = client.get(DASHBOARD_URL) soup = BeautifulSoup(dash.text, "html.parser") meta = soup.find("meta", {"name": "csrf-token"}) if not meta: session_ready = False raise HTTPException(500, "Dashboard CSRF token not found") csrf_token = meta["content"] session_ready = True return { "status": "ok", "logged_in": True } @app.get("/status") def status(): return {"logged_in": session_ready} @app.get("/sms") def get_sms(): if not session_ready or not csrf_token: raise HTTPException(401, "Not logged in") today = datetime.utcnow() start = today - timedelta(days=1) payload = { "from": start.strftime("%m/%d/%Y"), "to": today.strftime("%m/%d/%Y"), "_token": csrf_token } r = client.post(SMS_URL, data=payload) return { "success": True, "raw_html": r.text } @app.get("/logout") def logout(): global session_ready, csrf_token client.cookies.clear() session_ready = False csrf_token = None return {"status": "logged_out"}