如何使用 python 請求庫登錄使用 CSRF 令牌的網站

Question

網站： https://auth.pleaseignore.com/login/?next=/profile/

import requests
from bs4 import BeautifulSoup

request_url = 'https://auth.pleaseignore.com/login/'
with requests.session() as session:
    get_url = session.get('https://auth.pleaseignore.com/login/')
    HTML = BeautifulSoup(get_url.text, 'html.parser')
    csrfmiddlewaretoken = HTML.find_all('input')[-1]['value']

    #logging in
    payload = {
    'next' : '/ profile /',
    'username' : 'asfasf',
    'password' : 'afsfafs',
    'next': '/ profile /',
    'csrfmiddlewaretoken': csrfmiddlewaretoken
    }
    login_request = session.post(request_url,payload)
    print(login_request)

Output：

<Response [403]>

我收到 403 響應的原因是 csrfmiddlewaretoken 令牌無效，它無效的原因是每次發送 a.get 和 .post 請求時 csrfmiddlewaretoken 令牌都會更改，我想知道如何登錄該網站盡管那樣

Answer 1

import requests
from bs4 import BeautifulSoup

headers = {
    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0",
    "Referer": "https://auth.pleaseignore.com/login/"
}

data = {
    "next": [
        "/profile/",
        "/profile/"
    ],
    "username": "username",
    "password": "password",
}


def get_soup(content):
    return BeautifulSoup(content, 'lxml')


def main(url):
    with requests.Session() as req:
        req.headers.update(headers)
        r = req.get(url)
        soup = get_soup(r.content)
        data['csrfmiddlewaretoken'] = soup.select_one(
            'input[name="csrfmiddlewaretoken"]')['value']
        r = req.post(url, data)
        print(r)


main('https://auth.pleaseignore.com/login/')

Answer 2

缺少的“Referer”header 導致 [403 Forbidden]。

headers = {'Referer': 'https://auth.pleaseignore.com/login/'}
login_request = session.post(request_url,payload, headers=headers)

完整腳本：

import requests
from bs4 import BeautifulSoup

request_url = 'https://auth.pleaseignore.com/login/'
with requests.session() as session:
    get_url = session.get('https://auth.pleaseignore.com/login/')
    HTML = BeautifulSoup(get_url.text, 'html.parser')
    csrfmiddlewaretoken = HTML.find_all('input')[-1]['value']

    #logging in
    payload = {
        'next' : '/ profile /',
        'username' : 'asfasf',
        'password' : 'afsfafs',
        'next': '/ profile /',
        'csrfmiddlewaretoken': csrfmiddlewaretoken
    }
    headers = {
        'Referer': 'https://auth.pleaseignore.com/login/'
    }
    login_request = session.post(request_url,payload, headers=headers)
    print(login_request)

如何使用 python 請求庫登錄使用 CSRF 令牌的網站

問題描述

2 個解決方案

解決方案1
0 2022-05-23 04:31:30

解決方案2
0 已采納 2022-05-23 06:45:38

如何使用 python 請求庫登錄使用 CSRF 令牌的網站

問題描述

2 個解決方案

解決方案1 0 2022-05-23 04:31:30

解決方案2 0 已采納 2022-05-23 06:45:38

解決方案1
0 2022-05-23 04:31:30

解決方案2
0 已采納 2022-05-23 06:45:38