Requests authorization fails?

I

ivan97272022-03-12 09:25:50

Python

ivan9727, 2022-03-12 09:25:50

Greetings, authorization does not work, always a 400 error. But if you disable the headers, then the 200 code always returns

import requests


data = {
    "login" : "my_login",
    "password": "my_password"
}
headers = {
    "Accept":"application/json",
    "Accept-Encoding": "gzip, deflate, br",
    "Accept-Language": "ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3",
    "Connection":"keep-alive",
    "Host":"ekt.profi.ru",
    "Origin":"https://ekt.profi.ru",
    "Referer":"https://ekt.profi.ru/backoffice/?utm_source=profi.ru&utm_medium=referral&utm_campaign=link_enter_backoffice_click",
    "Sec-Fetch-Dest":"empty",
    "Sec-Fetch-Mode":"cors", 
    "Sec-Fetch-Site":"same-origin",
    "TE":"trailers",
    "User-Agent":"Mozilla/5.0 (X11; Linux x86_64; rv:97.0) Gecko/20100101 Firefox/97.0",
    "x-app-id" :"BO",
    "x-new-auth-compatible":"1"
}
session = requests.Session()
response = session.post('https://profi.ru/backoffice/api/', headers=headers, data=data)

print(response)

The resource itself where I'm trying to log in https://profi.ru/backoffice . Thanks in advance

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

S

soremix, 2022-03-12
@ivan9727

1. A bunch of extra headers
2. Wrong Content-Type of transmitted data
3. Wrong format of transmitted data

K

Konstantin Nagibovich, 2022-03-12
@nki

It's too easy not to find it yourself.
Solution option.