When i take the Token from my home page and input in this function my request goes through however every few minutes the Token changes is there a way to automatically get it?
local function postasync(URL, DATA, HEADERS)
return httpservice:PostAsync(URL, httpservice:JSONEncode(DATA), Enum.HttpContentType.TextPlain, false, HEADERS)
end
local headers = {["Cokie"] = "Blah Blah", ["X-Csrf-Token"] = "Blah BLah"}
print(postasync("https://accountinformation.roproxy.com/v1/description", data, headers))
If I remember correctly, sending a request to https://auth.roblox.com/ (so like auth.roproxy.com probably) will have the Token in the response’s headers
Ok, so it’s actually: https://auth.roblox.com/v2/logout, and here’s some working code I wrote to get the token:
local cookie = "cookie here"
local httpService = game:GetService("HttpService")
local maxAttempts = 5
local cookieValue = cookie:find("|_") and cookie:split("|_")[2] or cookie
local try = function(func)
local success,response = pcall(func)
if not success then
local lastRequest,attempts = tick() - 0.1,0
repeat
if(tick() - lastRequest < 0.05) then
task.wait()
end
success,response = pcall(func)
lastRequest = tick()
attempts += 1
if not success then
warn(response,"retrying")
end
until(success or attempts > maxAttempts)
return success,response
end
return success,response
end
local getToken = function()
local success,response = try(function()
return httpService:RequestAsync({
Url = "https://auth.roproxy.com/v2/logout",
Method = "POST",
Headers = {
["Content-Type"] = "application/json",
["Cookie"] = ".ROBLOSECURITY=" .. cookieValue
}
})
end)
if success and response then
return true,response.Headers["x-csrf-token"]
else
return false,""
end
end
print(getToken())
I wrote it as such to handle errors and automatically retry, as the web API is notoriously annoying to work with and can error at any time.
Personally, I’d use promises over my janky retry method, but this is what works for now.
Most often when a request fails it returns a valid x-csrf-token within the response return headers, that you can then use on the request headers and retry with the same parameters. Basically you can get the token by making a single failed request first.
Also I think you need to use RequestAsync in order to use headers for HTTP requests.