'How to log into a website that uses a CSRF token using the python requests library
website: https://auth.pleaseignore.com/login/?next=/profile/
import requests
from bs4 import BeautifulSoup
request_url = 'https://auth.pleaseignore.com/login/'
with requests.session() as session:
get_url = session.get('https://auth.pleaseignore.com/login/')
HTML = BeautifulSoup(get_url.text, 'html.parser')
csrfmiddlewaretoken = HTML.find_all('input')[-1]['value']
#logging in
payload = {
'next' : '/ profile /',
'username' : 'asfasf',
'password' : 'afsfafs',
'next': '/ profile /',
'csrfmiddlewaretoken': csrfmiddlewaretoken
}
login_request = session.post(request_url,payload)
print(login_request)
Output:
<Response [403]>
The reason that I am getting a 403 response is because the csrfmiddlewaretoken token is invalid and the reason it's invalid is because the csrfmiddlewaretoken token changes every time a .get and .post request is sent, and I was wondering how I can log into the website despite that
Solution 1:[1]
import requests
from bs4 import BeautifulSoup
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0",
"Referer": "https://auth.pleaseignore.com/login/"
}
data = {
"next": [
"/profile/",
"/profile/"
],
"username": "username",
"password": "password",
}
def get_soup(content):
return BeautifulSoup(content, 'lxml')
def main(url):
with requests.Session() as req:
req.headers.update(headers)
r = req.get(url)
soup = get_soup(r.content)
data['csrfmiddlewaretoken'] = soup.select_one(
'input[name="csrfmiddlewaretoken"]')['value']
r = req.post(url, data)
print(r)
main('https://auth.pleaseignore.com/login/')
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | αԋɱҽԃ αмєÑιcαη |