#!/usr/bin/env python3
import requests, urllib3, re
urllib3.disable_warnings()

BASE_URL = "https://localhost:5000"
session = requests.Session()
session.verify = False

# Register
r1 = session.get(BASE_URL + "/welcome/default/user/register")
formkey = re.search(r'name="_formkey"[^>]*value="([^"]+)"', r1.text).group(1)

reg_data = {
    "first_name": "Test2",
    "last_name": "User2",
    "email": f"test2{__import__('time').time()}@example.com",
    "password": "TestPassword123!",
    "password_two": "TestPassword123!",
    "_formkey": formkey,
    "_formname": "register",
}

r2 = session.post(BASE_URL + "/welcome/default/user/register", data=reg_data)
print(f"[+] Registered, status: {r2.status_code}")

# Logout
session.get(BASE_URL + "/welcome/default/user/logout")

# Login with normal _next
r3 = session.get(BASE_URL + "/welcome/default/user/login", params={"_next": "/welcome/default/index"})
formkey2 = re.search(r'name="_formkey"[^>]*value="([^"]+)"', r3.text).group(1)

login_data = {
    "email": reg_data["email"],
    "password": reg_data["password"],
    "_formkey": formkey2,
    "_formname": "login",
    "_next": "/welcome/default/index"
}

r4 = session.post(BASE_URL + "/welcome/default/user/login", data=login_data, allow_redirects=False)

print(f"[+] Login status: {r4.status_code}")
print(f"[+] Location header: {r4.headers.get('Location')}")
print(f"[+] Response: {r4.text[:200]}")