How to compose this https request so that the status code is 200/302?

E

Eduard Tsakhlo2017-10-06 19:43:05

Python

Eduard Tsakhlo, 2017-10-06 19:43:05

I need to do remote authorization on this site . The problem is that there is CSRF protection there, and you have to send a token. You also need to send an additional token, which is sent by the server in the input field with the hidden attribute. Before I figured out where to get this additional token, I sent a request with what was given to me in the browser. The server returned a 500 error to me (as far as I know, a server error). After I added receiving additional. token, I get an SSL certificate validity error. I need help in compiling a request that will return me a 302 error ( An error, on this site, appears when the login and / or password is not valid).
The solution code may not be in python. The main thing is to explain to me what is wrong and offer a solution.
UPD1 The complexity of the question could not be determined normally
. UPD2 The solution is to change verify to False, or download the certificate from their website and add it locally as a path to verify I have already tried. What other ways are there to solve the certification problem?
UPD3 Fixed an error in writing the question. The error I need is 302, not 305.

Program code for the request:

import requests

def getCookiesFromJar( jar ):

  jar = jar.get_dict()

  cookies = ""

  for cookieKey in jar:
    cookies += cookieKey + "=" + jar[ cookieKey ] + "; "

  cookies = cookies[ :-1 ]

  return cookies

def getToken( content ):

  content = str( content )

  exampleToken = "oUosXGOoBItMnvdN1HyOkp0Jfo2CziqULhaxHlR8"
  magicNum = content.find( "<input name=\"_token\" type=\"hidden\" value=\"" )

  token = content[ magicNum + 42 : magicNum + 42 + len( exampleToken ) ]

  return token

headers = {
  "Host": "online.gotivochka.com.ua",
  "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:57.0) Gecko/20100101 Firefox/57.0",
  "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
  "Accept-Language": "ru",
  "Accept-Encoding": "gzip, deflate, br",
  "Referer": "https://gotivochka.com.ua/",
  "Content-Type": "application/x-www-form-urlencoded",
  "Connection": "keep-alive",
  "Upgrade-Insecure-Requests": "1"

}

# Создаю сессию

s = requests.Session()

# Добавляю туда заголовки

s.headers.update( headers )

# Отправляю первый запрос ( GET ) для того что бы получить Cookies и доп. токен

r1 = s.get( "https://online.gotivochka.com.ua/" )

# Нахожу в html коде токен

token = getToken( r1.content )

# В заголовки добавляю cookies с первого запроса

headers[ "Cookie" ] = getCookiesFromJar( s.cookies )

# Данные для входа ( Случайные, кроме токена )

data = {
  "_token": token,
  "login": "+380+(32)+523-52-35",
  "password": "3rwebtwebtwbtwe"
}

# Обновляю заголовки в сессии

s.headers.update( headers )

# Отправляю второй ( POST ) запрос на авторизацию
# Здесь же образовывается ошибка валидации SSL

r2 = s.post( "https://online.gotivochka.com.ua/login", data=data )

# Вывод информации на ваш вкус

#print( headers[ "Cookie" ] )

#print( s.cookies )
#print( s.headers )

#print( r2.text )
#print( r2.cookies )
print( r2.status_code )

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

B

bonv, 2017-10-07
@bonv

From the headings you need to remove the value or adjust to