Django用户身份验证

时间:2014-02-18 15:19:03

标签: java django login django-login

我正在编写一段java代码,使用以下代码登录基于django的网站。 但它返回403错误

[18/Feb/2014 15:16:36] "POST /accounts/login/ HTTP/1.1" 403 2282

任何人都知道如何解决这个问题? 非常感谢提前!

private String baseUrl = "http://localhost:9999";    
boolean result = false;
try {
        URL url = new URL(baseUrl + "/accounts/login/");
        HttpURLConnection con = (HttpURLConnection) url.openConnection();
        con.setRequestMethod("POST");
        con.setDoInput(true);
        con.setDoOutput(true);
        String formParameters = "csrfmiddlewaretoken="
                + para + "&username="
                + "name" + "&password="
                + "pwd" + "&next=";

        System.out.println(formParameters);
        DataOutputStream wr = new DataOutputStream(
                con.getOutputStream());
        wr.writeBytes(URLEncoder.encode(formParameters, "UTF-8"));
        wr.flush();
        wr.close();

        if(con.getResponseCode() == 302){
            result = true;
        }
    } catch (MalformedURLException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

return result;

1 个答案:

答案 0 :(得分:1)

嘿我现在正在解决同样的问题,我觉得我需要分享一下。这可能为时已晚,但可能对将来需要一些类似问题的人提供帮助。

  1. 请求登录页面,Django将设置您的cookie:

    URL url = new URL("http://localhost:9999");
HttpURLConnection client = (HttpURLConnection) url.openConnection();
client.setDoInput(true);
client.connect();
inputStream = client.getInputStream(); // open input stream
//read input
StringWriter writer = new StringWriter();
IOUtils.copy(inputStream, writer, "UTF-8");
String string = writer.toString();
//NOTE (look for this under this code section)
String cookie= client.getHeaderField("Set-Cookie").get(0);
client.disconnect();

    2. 注意:您的标题值存储在HashMap<String,List<String>>中,我使用了get(0),因为根据我的经验,&#34; Set-Cookie&#34;只包含1个值,所以我得到索引0,在这个例子中包含这个:

    "csrftoken=FwYSncufKaCZjxLWGUPq7ORZRvTXIxkU; expires=Sun, 09-Jul-2017 18:23:09 GMT; Max-Age=31449600; Path=/ 1"

    如您所见,它包含csrf cookie。 现在你需要做两件事:

    1. 将上一个Cookie放入您的下一个网址请求属性

    2. 您需要将您的csrf标记值(在此示例中为#34; FwYSncufKaCZjxLWGUPq7 ORZRvTXIxkU&#34;,您可以使用regex获取此值)到您的POST参数中。

      < / LI>

      以下是一些代码:

          url = new URL(LOGIN_URL);
    client = (HttpURLConnection) url.openConnection();
    client.setDoInput(true);
    client.setDoOutput(true);
    client.setRequestMethod("POST");
    //set cookie to the previous cookie that has the correct csrf token
    client.setRequestProperty("Cookie", cookie);
    //set up the form params for the POST
    String formParameters = "csrfmiddlewaretoken="
            + csrf + "&username="
            + "name" + "&password="
            + "pwd";

    DataOutputStream wr = new DataOutputStream(
            client.getOutputStream());
    wr.write(formParameters.getBytes("UTF-8"));
    wr.flush();
    wr.close();
    client.connect();
    inputStream = client.getInputStream();
    //read return input from the django server
    writer = new StringWriter();
    IOUtils.copy(inputStream, writer, "UTF-8");
    string = writer.toString();

      希望这有助于将来的所有人!

相关问题
最新问题