Authenticate with python requests - Cookies ? Payload ? Something else?

Question

I try to log in this website using python (and after automate some actions) : https://www.rika-firenet.com/web/login

As you see on the page, the html code is this one :

So I tried that in python :

import requests
import urllib.parse

url = 'https://www.rika-firenet.com/'
url_login = url+'web/login'

client = requests.session()
payload = urllib.parse.urlencode({
    'email':'myemail@mail.com',
    'password':'mypwd'
})

print("+-[url get] : {}".format(url_login))
headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36'}
r = client.get(url, headers=headers, allow_redirects=True)
print(r.cookies)

print("+-[url post] : {}".format(url_login))
p = client.post(url_login, data=payload, headers=headers, cookies=r.cookies)
print(p.content)

I get the cookie in the get, but I have the original page in return of post request.

+-[url get] : https://www.rika-firenet.com/web/login
]>
+-[url post] : https://www.rika-firenet.com/web/login

Somebody succeeded with this php code :

function login ()
{
  global $login_url,$username_rika,$password_rika,$path_cookie;
  $postinfo = "email=".$username_rika."&password=".$password_rika;
  $status = false;
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_HEADER, false);
  curl_setopt($ch, CURLOPT_NOBODY, false);
  curl_setopt($ch, CURLOPT_URL, $login_url);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  curl_setopt($ch, CURLOPT_FAILONERROR, true);

  curl_setopt($ch, CURLOPT_COOKIEJAR, $path_cookie);
  curl_setopt($ch, CURLOPT_COOKIEFILE, $path_cookie); // file to read cookies in
  //set the cookie the site has for certain features, this is optional
  curl_setopt($ch, CURLOPT_COOKIE, "cookiename=0");
  curl_setopt($ch, CURLOPT_USERAGENT,
      "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7");
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);

  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
  curl_setopt($ch, CURLOPT_POST, 1);
  curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
  $return = curl_exec($ch);

  // Retourne le numéro d'erreur de la dernière opération cURL.
  $curl_errno = curl_errno($ch);
  $curl_error = curl_error($ch);

  if ($curl_errno > 0) {
        echo "cURL Error ($curl_errno): $curl_error
";
        $status['connected'] = false;
        $status['curl_errno'] = curl_errno($ch);
        $status['curl_error'] = curl_error($ch);
        exit; // mettre en veille en mode développement
     }
  else {
        //echo "Data received phase 1 : $return
";
        $status['connected'] = true;
     }
  curl_close($ch);
  return $status;
}

But as I'm not a php expert, I don't really understand why it works.

Any clue ?

Thanks

Greg

ps : After resolution, complete code for controlling Rika stoves can be found in https://github.com/iero/Rika-Stove

t.m.adam · Accepted Answer

Some notes:

Don't urlencode your post data with urllib, let requests handle the encoding.
requests.session persists cookies across requests by default, so you don't have to use the cookies parameter.
requests follows redirects by default.
You don't have to spoof User-Agent for this site. If you want to add some headers you could do that in the session object so you won't have to use the headers parameter for every request.

Python code:

import requests

url = 'https://www.rika-firenet.com/'
url_login = url+'web/login'
s = requests.session()
#s.headers['User-Agent'] = 'Mozilla/5.0'
data = {'email':'myemail@mail.com', 'password':'mypwd'}
r = s.post(url_login, data)

print(r.url)
print('Log out' in r.text)

Authenticate with python requests - Cookies ? Payload ? Something else?

Answers (1)

Related Questions