2012-11-26 80 views
31

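Passing csrftoken with Python Requests

How do I pass a csrftoken with the Python module Requests? This is what I have, but it's not working, and I'm not sure which parameter to pass it into (data, headers, auth...).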

import requests
from bs4 import BeautifulSoup

URL = 'https://portal.bitcasa.com/login'
EMAIL = 'user@example.com'  # placeholder credentials
PASSWORD = 'XXXX'           # placeholder credentials

client = requests.session()

# Retrieve the CSRF token first
soup = BeautifulSoup(client.get(URL).content, 'html.parser')
csrftoken = soup.find('input', dict(name='csrfmiddlewaretoken'))['value']

login_data = dict(username=EMAIL, password=PASSWORD, csrfmiddlewaretoken=csrftoken)
r = client.post(URL, data=login_data, headers={"Referer": "foo"})

Same error message every time.

<h1>Forbidden <span>(403)</span></h1> 
<p>CSRF verification failed. Request aborted.</p> 
+0

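What does `r.text` return? "CSRF verification failed"? I see that the form also has a `next` field (defaulting to `/`); perhaps that needs to be added? Double-check what is being posted when you go through it manually. –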

+0

@MartijnPieters yes, "CSRF verification failed. Request aborted." – Jeff

+0

Doing this manually, I see the next field is also /. – Jeff

Answers

49

You need to set the referrer to the same URL as the login page:

import requests

URL = 'https://portal.bitcasa.com/login'
EMAIL = 'user@example.com'  # placeholder credentials
PASSWORD = 'XXXX'           # placeholder credentials

client = requests.session()

# Retrieve the CSRF token first
client.get(URL)  # sets cookie
if 'csrftoken' in client.cookies:
    # Django 1.6 and up
    csrftoken = client.cookies['csrftoken']
else:
    # older versions
    csrftoken = client.cookies['csrf']

# Send the token as a form field and set Referer to the login URL itself
login_data = dict(username=EMAIL, password=PASSWORD, csrfmiddlewaretoken=csrftoken, next='/')
r = client.post(URL, data=login_data, headers=dict(Referer=URL))
1

Similarly, using Django's csrf_client. Note that the main difference is using csrftoken.value in login_data. Tested with Django 1.10.5 -

import django
from django.test import Client

django.setup()  # requires DJANGO_SETTINGS_MODULE to be set
csrf_client = Client(enforce_csrf_checks=True)

URL = 'http://127.0.0.1/auth/login'
EMAIL = '[email protected]'
PASSWORD = 'XXXX'

# Retrieve the CSRF token first
csrf_client.get(URL)  # sets cookie
csrftoken = csrf_client.cookies['csrftoken']  # a Morsel; the token string is .value

# The test client takes request headers as WSGI environ keys (HTTP_REFERER);
# the headers= keyword is only accepted from Django 4.2 on.
login_data = dict(username=EMAIL, password=PASSWORD, csrfmiddlewaretoken=csrftoken.value, next='/')
r = csrf_client.post(URL, data=login_data, HTTP_REFERER=URL)
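
The following is an added example, not part of the question or either answer: a simplified, standard-library model of the server-side checks behind the 403, showing why the question's `Referer: foo` is rejected even with a correct token while the answers' requests pass. It is not Django's own code; the function name `csrf_check`, the host `portal.example.test` and the token value are constructed for illustration, and the same-origin test is reduced to a host comparison.

```python
import hmac
from urllib.parse import urlsplit

def csrf_check(url, cookies, form, headers):
    """Return None if the POST is accepted, else the rejection reason.
    Simplified model (an assumption) of a Django-style CSRF check."""
    target = urlsplit(url)
    if target.scheme == "https":
        # On HTTPS the Referer must be present, well formed and same-origin.
        referer = headers.get("Referer")
        if not referer:
            return "no Referer"
        ref = urlsplit(referer)
        if not ref.scheme or not ref.netloc:
            return "malformed Referer"
        if ref.scheme != "https":
            return "insecure Referer"
        if ref.netloc != target.netloc:
            return "Referer does not match host"
    cookie_token = cookies.get("csrftoken")
    if not cookie_token:
        return "CSRF cookie not set"
    # The token is read from the form field, falling back to the header.
    sent = form.get("csrfmiddlewaretoken") or headers.get("X-CSRFToken", "")
    if not hmac.compare_digest(sent, cookie_token):
        return "CSRF token missing or incorrect"
    return None

# Constructed sample values, not captured from any real site.
URL = "https://portal.example.test/login"
TOKEN = "c0nstructedT0ken"
COOKIES = {"csrftoken": TOKEN}
FORM = {"username": "u", "password": "p", "csrfmiddlewaretoken": TOKEN}

def demo():
    """Replay the request shapes from the page against the model."""
    creds = {"username": "u", "password": "p"}
    return {
        "question": csrf_check(URL, COOKIES, FORM, {"Referer": "foo"}),
        "answer": csrf_check(URL, COOKIES, FORM, {"Referer": URL}),
        "no_field": csrf_check(URL, COOKIES, creds, {"Referer": URL}),
        "header": csrf_check(URL, COOKIES, creds,
                             {"Referer": URL, "X-CSRFToken": TOKEN}),
    }

if __name__ == "__main__":
    for name, reason in demo().items():
        print(name, "->", reason or "accepted")
```

Over plain HTTP, as in the second answer's `http://127.0.0.1` URL, the model skips the Referer branch and only the cookie and token comparison decides the outcome.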