API tools faq
paste
Guest User

Untitled

a guest
Sep 5th, 2018
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.65 KB | None | 0 0
raw download clone embed print report
  1. How do I authenticate a urllib2 script in order to access HTTPS web services from a Django site?
  2. def login( base_address, username=None, password=None ):
  3.  
  4. # prompt for the username (if needed), password
  5. if username == None:
  6. username = raw_input( 'Username: ' )
  7. if password == None:
  8. password = getpass.getpass( 'Password: ' )
  9. log.info( 'Logging in %s' % username )
  10.  
  11. # fetch the login page in order to get the csrf token
  12. cookieHandler = urllib2.HTTPCookieProcessor()
  13. opener = urllib2.build_opener( urllib2.HTTPSHandler(), cookieHandler )
  14. urllib2.install_opener( opener )
  15.  
  16. login_url = base_address + PATH_TO_LOGIN
  17. log.debug( "login_url: " + login_url )
  18. login_page = opener.open( login_url )
  19.  
  20. # attempt to get the csrf token from the cookie jar
  21. csrf_cookie = None
  22. for cookie in cookieHandler.cookiejar:
  23. if cookie.name == 'csrftoken':
  24. csrf_cookie = cookie
  25. break
  26. if not cookie:
  27. raise IOError( "No csrf cookie found" )
  28. log.debug( "found csrf cookie: " + str( csrf_cookie ) )
  29. log.debug( "csrf_token = %s" % csrf_cookie.value )
  30.  
  31. # login using the usr, pwd, and csrf token
  32. login_data = urllib.urlencode( dict(
  33. username=username, password=password,
  34. csrfmiddlewaretoken=csrf_cookie.value ) )
  35. log.debug( "login_data: %s" % login_data )
  36.  
  37. req = urllib2.Request( login_url, login_data )
  38. response = urllib2.urlopen( req )
  39. # <--- 403: FORBIDDEN here
  40.  
  41. log.debug( 'response url:n' + str( response.geturl() ) + 'n' )
  42. log.debug( 'response info:n' + str( response.info() ) + 'n' )
  43.  
  44. # should redirect to the welcome page here, if back at log in - refused
  45. if response.geturl() == login_url:
  46. raise IOError( 'Authentication refused' )
  47.  
  48. log.info( 't%s is logged in' % username )
  49. # save the cookies/opener for further actions
  50. return opener
  51.  
  52. import urllib
  53. import urllib2
  54. import contextlib
  55.  
  56.  
  57. def login(login_url, username, password):
  58. """
  59. Login to site
  60. """
  61. cookies = urllib2.HTTPCookieProcessor()
  62. opener = urllib2.build_opener(cookies)
  63. urllib2.install_opener(opener)
  64.  
  65. opener.open(login_url)
  66.  
  67. try:
  68. token = [x.value for x in cookies.cookiejar if x.name == 'csrftoken'][0]
  69. except IndexError:
  70. return False, "no csrftoken"
  71.  
  72. params = dict(username=username, password=password,
  73. this_is_the_login_form=True,
  74. csrfmiddlewaretoken=token,
  75. )
  76. encoded_params = urllib.urlencode(params)
  77.  
  78. with contextlib.closing(opener.open(login_url, encoded_params)) as f:
  79. html = f.read()
  80.  
  81. print html
  82. # we're in.
  83.  
  84. req.add_header( 'Referer', login_url )
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!