---
- name: Log in to OPNsense and obtain PHPSESSID and CSRF token
  hosts: localhost
  gather_facts: no
  vars:
    api_username: "your_username"
    api_password: "your_password"

  tasks:
    - name: Perform GET request to initiate session and retrieve PHPSESSID
      uri:
        url: "https://192.168.1.1/"
        method: GET
        user: "{{ WEBUI_USERNAME }}"
        password: "{{ WEBUI_PASSWORD }}"
        headers:
          Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7'
        validate_certs: no
        return_content: yes
      register: login_page

    - name: Extract PHPSESSID from response cookies
      set_fact:
        phpsessid: "{{ login_page.cookies.PHPSESSID }}"

    - name: Extract CSRF token name and value from the page content
      set_fact:
        csrf_tokens: "{{ login_page.content | regex_findall('<input[^>]*type=\"hidden\"[^>]*name=\"([^\"]+)\"[^>]*value=\"([^\"]+)\"') }}"

    - name: Set CSRF token name and value
      set_fact:
        csrf_token_name: "{{ csrf_tokens[0][0] if csrf_tokens | length > 0 else 'Not found' }}"
        csrf_token_value: "{{ csrf_tokens[0][1] if csrf_tokens | length > 0 else 'Not found' }}"

    - name: Display the PHPSESSID and CSRF token details
      debug:
        msg: "PHPSESSID is {{ phpsessid }}, CSRF token name is {{ csrf_token_name }}, CSRF token value is {{ csrf_token_value }}"

    - name: Construct body
      set_fact:
        request_body: |
          {{ csrf_token_name}}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save'

    - name: Send POST request to update DHCP settings
      uri:
        url: "https://192.168.1.1/services_dhcp.php?if=lan"
        method: POST
        headers:
          Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7'
          Content-Type: 'application/x-www-form-urlencoded'
          Cookie: "PHPSESSID={{ phpsessid }}"
          Origin: "https://192.168.1.1"
          Referer: "https://192.168.1.1/services_dhcp.php?if=lan"
          X-CSRFToken: "{{ csrf_token_value }}"
        body_format: form-urlencoded
        body: "{{ request_body }}"
        validate_certs: no
        return_content: yes
      register: dhcp_update_response

    - name: Display the response from the DHCP update request
      debug:
        msg: "{{ dhcp_update_response.content }}"





#        request_body: |
#          {{ csrf_token_name }}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save