我正在尝试使用Python请求库登录网页。我正在向该链接发送POST请求并获得响应,但是我在响应头中缺少“ Location”项。我正在使用以下代码:
import requests
from bs4 import BeautifulSoup
url = 'https://aab.powerapp.nl/login'
headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36'}
response = requests.get(url, headers=headers)
soup = BeautifulSoup(response.content)
token = soup.find('input', {'name': '_token'}).get('value')
headers['Cookie'] = '; '.join([x.name + '=' + x.value for x in response.cookies])
headers['Content-Type'] = 'application/x-www-form-urlencoded'
payload = {
'_token': token,
'emailaddress': '',
'password': ''
}
response = requests.post(url + '/validate', files=payload, headers=headers)
Chrome中显示的请求标头如下:
POST /login/validate HTTP/1.1
Host: aab.powerapp.nl
Connection: keep-alive
Content-Length: 90
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Origin: https://aab.powerapp.nl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://aab.powerapp.nl/login
Accept-Encoding: gzip, deflate, br
Accept-Language: nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: XSRF-TOKEN=eyJpdiI6InkyK1pWbzRcL3dmbVRPeVwvNW52UjFyUT09IiwidmFsdWUiOiJWazZXRGFDb0tWcGQ1WjhleHdSRzZYU202WXN3bG4wbG9YQnZZcUNYTndDcXJETDl2MGIrY0dnUVlOcUhoTmZKIiwibWFjIjoiZmNmNzlmMjc5YWRiMmMyNjk0MmI1YjE5ZTE2OTNmZGU5YTRlNDA0MDg3ZGE4NTI1ZTc3NTBkZjg0MjFjOTQzNSJ9; pa_session_aabp=eyJpdiI6IjlidWIxdlVybFl0UjJHOXorcnFmT2c9PSIsInZhbHVlIjoiM0JZXC9NNHJOWlFIVjBhQ2xxelN2ZENrSVBuTkpibzJybUhkSHRUeGpSTTRITnFyK2E1M3ExM2VjWjNnNG4rbXMiLCJtYWMiOiJmN2NjZGRkNjc2YTJkZjBjNGVkZDczODNlZDI1YTk5YTllODk1YmFiMDc4Mzc5MWM2ZDZmMThiZjNmMzU0MmU5In0%3D
我只收到以下标题:
{'Date': 'Sat, 29 Jun 2019 15:40:15 GMT', 'Server': 'Apache', 'Cache-Control': 'no-cache, private', 'Set-Cookie': 'pa_session_aabp=eyJpdiI6ImFwS21QNVpMRGh1ZHJ0ZW1vbCtia1E9PSIsInZhbHVlIjoiRHZHa1wvZlNKMnkzZVEzTCthQVZ1eGdjSmRVbEZVSVJ2RHN5ZXZwNEV6NmRkZVZnTVhTMVlGUWxES1dYUmdvQlgiLCJtYWMiOiIyNWRhYTRkNzUyZTdiYmI4ODYwMDBkMmVjMDRmNzliYzZmZDAzNzg4N2NiMTdkMWI3Y2YyZjQyOGI0MDFiZWJlIn0%3D; path=/; domain=aab.powerapp.nl; secure; httponly', 'Location': 'https://aab.powerapp.nl/login', 'Keep-Alive': 'timeout=5, max=100', 'Connection': 'Keep-Alive', 'Transfer-Encoding': 'chunked', 'Content-Type': 'text/html; charset=UTF-8', 'Content-Language': 'nl'}
我尝试将allow_redirects参数设置为True
和False
,但是我仍然无法在响应头中重新获得Location
项目。接下来,我尝试设置几个不同的请求标头,包括Cookie
,Referer
和User-Agent
。除了在请求中作为表单数据发送的emailaddress
和password
,还发送了第三字段_token
。我不确定这是否可能是问题的原因,因为我也不确定令牌的值是如何确定的。
编辑: 我发现可以从登录页面的html中提取也以表单数据形式发送的令牌。我对脚本进行了一些更改以反映此知识。不幸的是,这似乎并没有解决我的问题。
答案 0 :(得分:0)
您应该在开始时每个会话发送一次凭据,并且在成功通过该过程之后,您将获得在服务器端定义的一段时间内有效的令牌字符串。授权后对api的任何其他调用都需要将该令牌作为标头发送。
答案 1 :(得分:0)
我设法通过使用请求session
结合使用data参数而不是files参数来解决此问题。代码如下:
import requests
from bs4 import BeautifulSoup
session = requests.session()
url = 'https://aab.powerapp.nl/login'
headers = {'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36',
"Upgrade-Insecure-Requests": "1"}
response = session.get(url, headers=headers)
soup = BeautifulSoup(response.content)
token = soup.find('input', {'name': '_token'}).get('value')
headers['Content-Type'] = 'application/x-www-form-urlencoded'
payload = {
'_token': token,
'emailaddress': '',
'password': ''
}
response = session.post(url + '/validate', data=payload, headers=headers, allow_redirects=False)