问题描述
import requests
from bs4 import BeautifulSoup as bs
import lxml
# Page header
head= { 'Content-Type':'application/x-www-form-urlencoded','User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/69.0.3497.100 Safari/537.36'
}
# Start Page
url = 'https://www.rewardstyle.com'
# Login URL
login_url = 'https://auth.rewardstyle.com/login/'
# URL behind the login page
url2= 'https://www.rewardstyle.com/products/recent?lang=en_US'
# Open up a session
s = requests.session()
# Open the login page
r = s.get(login_url)
# Retrieve the CSRF token first
csrftoken = s.cookies['csrftoken']
print(csrftoken)
这会打印一个 csrf 令牌,尽管我的错误可能是它无效? 接下来我发布数据,但没有运气:
# Get the page cookie
cookies = r.cookies
# Set CSRF-Token
head['X-CSRF-Token'] = csrftoken
head['X-Requested-With'] = 'XMLHttpRequest'
payload = {
'username':'myuser','password':'mypassword',}
r = requests.post(login_url,data=payload,headers = head)
print(r.content)
禁止 (403)
CSRF 验证失败。 请求中止。
您看到此消息是因为 本网站在提交表单时需要 CSRF cookie。这个饼干是 出于安全原因需要
解决方法
这适用于任何想知道的人。
import requests
from bs4 import BeautifulSoup as bs
import lxml
# Page header
head= { 'Content-Type':'application/x-www-form-urlencoded','User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,like Gecko) Chrome/69.0.3497.100 Safari/537.36'
}
# Start Page
url = 'https://www.rewardstyle.com'
# Login URL
login_url = 'https://auth.rewardstyle.com/login/'
# URL behind the login page
url2= 'https://www.rewardstyle.com/products/recent?lang=en_US'
# Open up a session
s = requests.session()
# Open the login page
r = s.get(login_url)
# Retrieve the CSRF token first
csrftoken = s.cookies['csrftoken']
print(csrftoken) #Check if it's getting printed. Sometimes key name could be 'csrf' only
# Get the page cookie
cookies = r.cookies
# Set CSRF-Token
head['X-CSRF-Token'] = csrftoken
head['X-Requested-With'] = 'XMLHttpRequest'
head['Referer'] = login_url
payload = {
'username':'username','password':'password','csrfmiddlewaretoken' : csrftoken,}
r = s.post(login_url,data=payload,headers = head)
print(r.content)
# Try to get a page behind the login page
r = s.get(url2)
# Check if login was successful
print(r.content)