Hi
I have share link to folder with files i need to download and password.
There is no problem in doing so by browser, but i need to do so from Java.
I’m able to retrive info by using GET cloud seafile com/api2/d/{token}/dir/ - “List Direntry in Dir Download Link”
What’s should i do next? API documentation says i need token to download files.
To download files you can just call GET cloud seafile com/api2/d/{token}/files/?p=%2Ffolder%2Ffile.ext&dl=1
It says 404
File is located inside root folder so i’m using
/api2/d/{token}/files/?p=/file.txt&dl=1
file.txt- file name
token is the same as for riest request
When downloading via browser i can see its sending GET request to
/d/{token}/files/?p=%2Ffile.txt&dl=1
It works. But it works after few other requests which include using sfcsrftoken in Cookies, csrfmiddlewaretoken from html response and finally sessionid - required cookie for file downloading
Is this the right way? I dont like parsing html for csrfmiddlewaretoken
Where i can read API description for your solution?
No it works. No cookies and nothing required. Do not send anything extra just GET the url where token is the id of the share. It’ll send a 302 and by following that you’ll get the file.
Unfortunately I can’t get it to work
So… if i’m able to download file via browser by
GET /d/{token}/files/?p=%2FText.txt&dl=1
it sends back 302 as you said
and i’m able to view files in directory by
GET /api2/d/{token}/dir/?password={password}
i should be able to download by
GET /api2/d/{token}/files/?p=%2FText.txt&dl=1
Right? Do i understand correctly?
Tokens are all the same
For now it sends me back html page with “Sorry, but the requested page could not be found”
Oh, maybe without api2? Just go in your browser and hover over the download icon of a file. It shows the link.
Sure
It is a working link via browser
GET /d/{token}/files/?p=%2FText.txt
It leads to preview page with download button that uses
GET /d/{token}/files/?p=%2FText.txt&dl=1
It works
The thing is, If I use link with &dl=1 without any browser cookies, for example, from Postman, the answer is HTML page with “Please input the password if you want to browse the shared file/directory” and 200 as status.
Tried adding &password={password} - same response
Just for the science, i’m tried POST with same link - html with 403 and “CSRF verification failed. Request aborted” inside
So this is about downloading a password protected file via share link?
In that case I think you need to GET /d/token/, then POST csrfmiddlewaretoken=value from page (from the page), token=yourtoken and password=sharepassword and then send your sessionid cookie with the download request.
TLDR: I don’t think you get around grabbing the csrf token from the page.
Yes. I said it in my first post
Yes, it works - it is how my browser handles file downloading
Well… Thank you for clarifying!
1 Like
There is a way without scraping html page:
- Request download link from, API documentation see Seafile Server
- Download file with returned link
Voilà, can fetch file from code.