[Fixed]-Login to webpage from script using Requests and Django

17👍

It is not working in part because r2 needs to have the cookies returned by r1. This may not fix it, but it is unlikely to work without making at least this change. To do this, you could use the same session throughout the script, or pass the cookies to each request after the first one.

Here is what using a session throughout might look like:

url_login='../pecasRunLog/accounts/login/'
url_add_run='../pecasRunLog/model/'+region+'/add_run/'

client = requests.session()
client.get(url_login)
csrftoken = client.cookies['csrftoken']
login_data = {'username':user,'password':password,
  'csrfmiddlewaretoken':csrftoken, 'next': '/pecasRunLog/'}
r1=client.post(url_login,data=login_data)

payload={'model_region':region_id,'scendir':scendir, 
  'mapit_scenario': schema, 'run_name':schema+timestamp, 
  'run_computer_name':os.environ['COMPUTERNAME'], 
  'run_computer_ip':get_lan_ip(), 'declared_user':declared_user,
  'logged_in_user':getpass.getuser(), 'sd_schema':schema, 
  'sd_database':database, 'sd_host':get_lan_ip(), 
  'sd_port':pgport,'mapit_schema':schema, 
  'mapit_database':database, 'mapit_host':get_lan_ip(), 
  'mapit_port':pgport,'start_date':start_date, 
  'start_time':start_time, 'end_date':end_date, 
  'end_time':end_time,'logged_manually':3, 
  'csrfmiddlewaretoken':csrftoken, 
  'sessionid':'jtvv50cs3iyo9bjthbr2diujfmrrlsnf'}
r2=client.post(url_add_run,payload)

Here is what passing cookies throughout the script might look like:

url_login='../pecasRunLog/accounts/login/'
url_add_run='../pecasRunLog/model/'+region+'/add_run/'

# get the csrftoken
r0 = requests.get(url_login)
csrftoken = r0.cookies['csrftoken']

# get cookies with logged in info
login_data = {'username':user,'password':password,
  'csrfmiddlewaretoken':csrftoken, 'next': '/pecasRunLog/'}
r1=requests.post(url_login,data=login_data,cookies=r0.cookies)

# use logged-in cookies
payload={'model_region':region_id,'scendir':scendir, 
  'mapit_scenario': schema, 'run_name':schema+timestamp, 
  'run_computer_name':os.environ['COMPUTERNAME'], 
  'run_computer_ip':get_lan_ip(), 'declared_user':declared_user,
  'logged_in_user':getpass.getuser(), 'sd_schema':schema, 
  'sd_database':database, 'sd_host':get_lan_ip(), 
  'sd_port':pgport,'mapit_schema':schema, 
  'mapit_database':database, 'mapit_host':get_lan_ip(), 
  'mapit_port':pgport,'start_date':start_date, 
  'start_time':start_time, 'end_date':end_date, 
  'end_time':end_time,'logged_manually':3, 
  'csrfmiddlewaretoken':csrftoken,
  'sessionid':'jtvv50cs3iyo9bjthbr2diujfmrrlsnf'}
r2=requests.post(url_add_run,payload,cookies=r1.cookies)

If neither of these works, try looking carefully at the cookies, and maybe you’ll spot the problem.

7👍

I just face same problem.

Looks like django use diferent url for login post than the login home page.

This code work for me

import requests
URL1='http://localhost:8000/admin/'
URL='http://localhost:8000/admin/login/?next=/admin/'
UN='bino'
PWD='sendhimin'
client = requests.session()

# Retrieve the CSRF token first
client.get(URL1)  # sets the cookie
csrftoken = client.cookies['csrftoken']

login_data = dict(username=UN, password=PWD, csrfmiddlewaretoken=csrftoken)
r = client.post(URL2, data=login_data, headers={"Referer": "foo"})

1👍

Try this:

url_login='../pecasRunLog/accounts/login/'
url_add_run='../pecasRunLog/model/'+region+'/add_run/'

with requests.session() as client:
    client.get(url_login)
    csrftoken = client.cookies['csrftoken']
    login_data = {'username':user,'password':password, 'csrfmiddlewaretoken':csrftoken, 'next': '/pecasRunLog/'}
    r1=client.post(url_login,data=login_data)

    payload={'model_region':region_id,'scendir':scendir, 'mapit_scenario': schema, 'run_name':schema+timestamp, 'run_computer_name':os.environ['COMPUTERNAME'], 'run_computer_ip':get_lan_ip(), 'declared_user':declared_user, 'logged_in_user':getpass.getuser(), 'sd_schema':schema, 'sd_database':database, 'sd_host':get_lan_ip(), 'sd_port':pgport,'mapit_schema':schema, 'mapit_database':database, 'mapit_host':get_lan_ip(), 'mapit_port':pgport,'start_date':start_date, 'start_time':start_time, 'end_date':end_date, 'end_time':end_time,'logged_manually':3, 'csrfmiddlewaretoken':csrftoken, 'sessionid':'jtvv50cs3iyo9bjthbr2diujfmrrlsnf'}
    r2=client.post(url_add_run,payload)

If this works, I think the problem is that you first post from the newly created session, and then you do a regular post, while you should continue to post from the session

Leave a comment