==================================================
Authentication
==================================================

.. meta::
   :description: Authentication methods and session management for E-BLOC platform
   :keywords: documentation, ebloc, authentication, session, cookie

.. contents:: Table of Contents
   :depth: 3
   :local:

Introduction
--------------------------------------------------

This chapter describes how to authenticate to E-BLOC using basic authentication
or cookie-based sessions. All requests to E-BLOC services use the cookie retrieved
after the initial authentication.

.. note::
   Sessions typically expire after 24 hours. It is recommended to reuse valid
   cookies until expiration rather than performing repeated authentications.

Basic Authentication
--------------------------------------------------

The E-BLOC GUI uses an HTML form with the following fields:

**Authentication Form**

.. code-block:: html
   :caption: Authentication form structure
   :linenos:

   <form action="index.php?profil=0" method="post" name="f">
     <input name="pUser" id="pUser" type="text" placeholder="Username/Email">
     <input name="pPass" id="pPass" type="password" placeholder="Password">
     <input id="pConectare" type="submit" value="Conectare">
   </form>

Authentication Flow
^^^^^^^^^^^^^^^^^^^

The authentication process follows these steps:

1. Fill in the ``pUser`` field with username or email
2. Fill in the ``pPass`` field with the password
3. Click the ``pConectare`` (Connect) button
4. The browser sends a POST request to E-BLOC
5. On success, the response contains the ``PHPSESSID`` value
6. Use the ``PHPSESSID`` cookie for all subsequent requests

Session Cookies
--------------------------------------------------

E-BLOC stores the following cookies during an authenticated session:

+-------------------+------------------+
|    Cookie Key     |       Value      |
+-------------------+------------------+
| PHPSESSID         |  SESSION TOKEN   |
+-------------------+------------------+
| avizier-luna-cur  |    [YYYY]-[MM]   |
+-------------------+------------------+
| facturi-luna-cur  |    [YYYY]-[MM]   |
+-------------------+------------------+
| index-luna-cur    |    [YYYY]-[MM]   |
+-------------------+------------------+
| asoc-cur          |      [AS-ID]     |
+-------------------+------------------+
| home-ap-cur       | [AS-ID]_[AP-IP]  |
+-------------------+------------------+
| home-stat-cur     |        [MM]      |
+-------------------+------------------+
| username          |       X@Y.Z      |
+-------------------+------------------+

A full session cookie will looks like this:

.. code-block:: html
      :caption: cookie
      :linenos:

      username=[pUser]; facturi-luna-cur=-; index-luna-cur=-; asoc-cur=[AS-ID];
      home-ap-cur=[AS-ID]_[AP-IP]; home-stat-cur=[MM]; avizier-luna-cur=[YYYY]-[MM]

Obtaining Sessions
--------------------------------------------------

From Browser Developer Tools
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

To extract session cookies from an active browser session:

1. Log in to E-BLOC using your preferred browser
2. Open Developer Tools (usually F12 or right-click → Inspect)
3. Navigate to the **Application** tab
4. In the left sidebar, find **Cookies** under the Storage section
5. Click the E-BLOC URL to view its cookies
6. Find the ``PHPSESSID`` value
7. Copy all relevant cookies for use in your application

From Basic Authentication Request
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

.. code-block:: python
   :caption: Obtaining session via basic auth request
   :linenos:

   import requests

   response = requests.post(
       'https://www.e-bloc.ro/index.php?profil=0',
       data={'pUser': 'your_email@example.com', 'pPass': 'your_password'},
       allow_redirects=False
   )

   # Extract PHPSESSID from response cookies
   session_id = response.cookies.get('PHPSESSID')