Skip to content
talklittle edited this page Sep 13, 2010 · 15 revisions

• To login you need to POST to http://www.reddit.com/api/login/
• user=[username]
• passwd=[plaintext password]
• It always returns HTTP code 200 OK
• Need to read message content (single line JSON format) and if it contains string “WRONG_PASSWORD” then login failure.

POST /api/login/talklittle_test HTTP/1.1
Host: www.reddit.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 47

user=api_type=json&talklittle_test&passwd=hunter2

returns JSON including the cookie and modhash. (important to use api_type=json)

{"json": {"errors": [], “data”: {"modhash": “2y30c3rdelc449b75fc909f81d725e327ae095eda788412345”, “cookie”: “5998378,2009-09-06T19:45:42,83d5373c483422b549f9ca7b592c4ecf0dc29438”}}}

me: Will the modhash returned from /api/login be valid for as long as the session cookie?
KeyserSosa: Yup. The modhash only expires when we (very seldom) update the salt used in the hash or when the user changes his or her password. For now, you can treat them as if they’ll last forever.

Clone this wiki locally