Logging with python requests library error: Forbidden(403) CSRF verification failed

Question

Logging with python requests library error: Forbidden(403) CSRF verification failed

Alehanter337 opened this issue 3 years ago · 1 comments

Can't login with python requests library on page "http://selks/account/login".

import requests

session = requests.Session()

login_url = 'http://selks/accounts/login/'
USERNAME = 'selks-user'
PASSWORD = '123'

session.get(login_url)
csrftoken = session.cookies['csrftoken']
print('csrftoken = ', csrftoken, '\n')

login_data = dict(username=USERNAME, password=PASSWORD, csrf_token=csrftoken,next='/')

r = session.post(login_url, data=login_data, headers=dict(Referer=login_url), verify=False)

with open('(index)', 'w') as f:
    f.write(r.text)

Browser Mozilla 5.0
Scirius version 3.5.0-3
OS Selks 6 (Debian 10)
Trying to get csrf token from cookies :

csrftoken = session.cookies['csrftoken']

and turn off CSRF verify:

 r = session.post(login_url, data=login_data, headers=dict(Referer=login_url), verify=False)

Not helped.
csrfmiddlewaretoken instead of csrf_token here nothing change too:

login_data = dict(username=USERNAME, password=PASSWORD, csrf_token=csrftoken,next='/')

What's problem is here?

Answer 1 · 2022-03-03T09:28:35.000Z

I'm log in scirius, just do some fix with referer.
Script below, hope it will help to somebody:

import requests
import sys

session = requests.Session()

login_url = 'https://selks/accounts/login/'
url = 'https://selks/rules/'
user_agent = 'Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0' 

session.get(login_url, verify=False)
csrftoken = session.cookies['csrftoken']
print('csrftoken = ', csrftoken, '\n')

post_request = session.post(login_url, 
    headers = {'Referer' : login_url, 'User-Agent' : user_agent},
    data = {'csrfmiddlewaretoken': csrftoken,
              'username': 'selks-user',
              'password': 'selks-user'})

with open('index', 'w') as f:
    f.write(post_request.text)