Python Forum
Thread Rating:
  • 1 Vote(s) - 2 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Getting csrf token to log in
#1
Running a load test on a web portal (Liferay) using Locust but cannot log in. I am posting the username and password, but need the csrf token. I can inspect the page and see in the response that it is assigning a csrf token as "Liferay.authToken" but have no clue how to grab that. When posting the data to log in, it needs the token (the page calls it p_auth).

Here is a similar fix for this but it's not working for me, maybe because the token is called something different on my page: stefanoapostolico.com/2014/12/07/hande-csrf-token-in-locust-test.html

Any help would be appreciated!
Reply
#2
If it's set in a cookie, then that link should help. If it's a hidden form field (which I think is more common), then you can use beautifulsoup to find it and get the value.
Reply
#3
You can try to use Requests with session() to handle cookies.
import requests

url = 'url'
client = requests.session()
# Retrieve the CSRF token first
csrf = client.get(url).cookies['csrftoken']

login_data = dict(username=EMAIL, password=PASSWORD, csrfmiddlewaretoken=csrf, next='/')
r = client.post(URL, data=login_data, headers=dict(Referer=url))

# Check if it worked?
print r.status_code
As mention BeautifulSoup it will be in simelair way,
first set up session(),then search for CSRF token.
import requests
from bs4 import BeautifulSoup

client = requests.Session()
headers = {'User-Agent': 'Mozilla/5.0'}
url = 'url'

soup = BeautifulSoup(client.get(url).text, "html.parser")
csrf = soup.find(name="csrf")
The other way is to be a browser Confused
bye using Selenium/PhantomJS to log in which work fine from Python.
Reply
#4
Hi. I've tried the above suggestions but in both cases receive a Max retries exceeded with url error. Reviewing other forum posts about this issue, it doesn't sound like it's an accurate or helpful message but nonetheless, I haven't found a workable solution. I'm trying to write a python script to login to a website via an api.

I'm a novice python script writer so as much detail as possible in your response would be appreciated. Thanks.
Reply
#5
Hi appen,

Did you ever find a solution to your problem with the crsf tokens? I have been struggling with what might be the same problem. Please see my post here https://python-forum.io/Thread-Python-Se...-Triggered

snippsat, metlburr said you were the one to talk with -- if you have any advice, please let me know. metlburr attempted to help but said it was outside of his skill set.

Thanks to anyone that can help!
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  passing token to requests alejandroot 4 3,080 Mar-12-2021, 04:49 PM
Last Post: alejandroot
Photo [Solved] How do I position 'token' in JavaScript in search box? cheers100 1 1,866 Nov-21-2020, 01:23 PM
Last Post: cheers100
  The CSRF session token is missing. randiaz 0 2,997 Jul-31-2020, 08:45 PM
Last Post: randiaz
  Token and auth-token hshivaraj 1 2,834 Jul-26-2019, 07:40 AM
Last Post: fishhook

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020