我正在尝试编写一个必须登录到我们的GitLab服务器的脚本(相关部分似乎是Rails应用,我真的很讨厌更改它)。为此,我编写了一个脚本(在perl中,但是在这里几乎没有关系),它对/users/sign_in进行了HTTP GET,并解析了结果以检索用作{{至少我了解)CSRF保护,然后使用所有(?)我可以在HTML中看到的形式变量对authenticity_token进行HTTP PUT。
但是我得到的结果是“ 422无法处理的实体”,在/users/sign_in中我可以看到
/var/log/gitlab/gitlab-rails/production.log(不,我必须登录才能正常工作的用户名为“ abcdef”,但是当我在脚本中使用真实的用户名时,由于登录失败,GitLab锁定了该帐户,因此替换它什么都没改变)
我该怎么办?
如果我的代码有帮助:
Started POST "/users/sign_in" for 46.30.211.31 at 2019-04-04 13:39:09 +0000
Processing by SessionsController#create as HTML
Parameters: {"utf8"=>"â\u009C\u0093", "authenticity_token"=>"[FILTERED]", "user"=>{"login"=>"abcdef", "remember_me"=>"0", "password"=>"[FILTERED]"}}
Can't verify CSRF token authenticity.
Completed 422 Unprocessable Entity in 10ms (ActiveRecord: 1.4ms | Elasticsearch: 0.0ms)
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
lib/gitlab/middleware/multipart.rb:103:in `call'
lib/gitlab/request_profiler/middleware.rb:16:in `call'
ee/lib/gitlab/jira/middleware.rb:17:in `call'
lib/gitlab/middleware/go.rb:20:in `call'
lib/gitlab/etag_caching/middleware.rb:13:in `call'
lib/gitlab/middleware/correlation_id.rb:16:in `block in call'
lib/gitlab/correlation_id.rb:15:in `use_id'
lib/gitlab/middleware/correlation_id.rb:15:in `call'
lib/gitlab/middleware/read_only/controller.rb:42:in `call'
lib/gitlab/middleware/read_only.rb:18:in `call'
lib/gitlab/middleware/basic_health_check.rb:25:in `call'
lib/gitlab/request_context.rb:26:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:29:in `call'
lib/gitlab/middleware/release_env.rb:13:in `call'