I am trying to use Python to log into some websites. Here is my sample code:
import requests
from requests.auth import HTTPBasicAuth
username='username'
password ='alllongpasswordsareforchumps'
response = requests.get('https://github.com/', auth = HTTPBasicAuth(username,password))
print('Response Code '+ str(response.status_code))
I get Response Code 200, it should have been rejected. Even though the username and password mentioned here are not real. How can I check to see which authentication method the website is using?
To get unauthorized response you should send your request to other endpoints of Github instead of its base address for example see the below code snippet:
import requests
from requests.auth import HTTPBasicAuth
# Making a get request to this address
response = requests.get('https://api.github.com/user',
auth = HTTPBasicAuth('user', 'pass'))
print(response)
# this will print: <Response [401]>
Make the request without attempting authentication, receive a 401 response, but github response doesn't have the WWW-Authenticate header for you to check the authentication method of this RESTAPI and for check github authentication ways, you should read Basics of authentication section on github docs.
Related
I am trying to automate the trading strategy that I executed manually before. This requires communicating with my broker through an API. I am authorizing through HTTP basic auth. To test I tried to make an API request to get information about funds in my account.
At first, I was getting 401 responses and it turned out that I was using the wrong identification information.
After I fixed this issue, all API requests that I am making are giving me 404 responses.
An example
import requests
from requests.auth import HTTPBasicAuth
response = requests.get("https://api-demo.exante.eu/md/{version}/accounts", auth=HTTPBasicAuth
('name', 'pass'))
print(response)
After this, I tried some code online to check whether or not there are other problems. I tried this
https://gist.github.com/rshrc/127ba2c20df74263d71bc5a5595c8969
and this also gives me 404.
Link to my brokers API documentation:
https://api-live.exante.eu/api-docs/#section/API-versions
Does anyone know where might be the problem? Directions would be helpful. Thanks!
It looks like you're not passing a version with the {version} variable. Don't forget to also format the URL string with an f before it. This should work:
import requests
from requests.auth import HTTPBasicAuth
version = "3.0"
response = requests.get(f"https://api-demo.exante.eu/md/{version}/accounts", auth=HTTPBasicAuth
('name', 'pass'))
print(response)
When send the post request it returns a 401 error. Is there anything in the setup that might be causing the error. Here is the code:
import requests
>>>url= 'https://us-street.api.smartystreets.com/street-address'
>>>payload = {'auth-id':'xxxxxx','auth-token':'xxxxx'}
>>>body = [{"street":"1 Santa Claus","city":"North Pole","state":"AK","candidates":10},{"addressee":"Apple Inc","street":"1 infinite loop","city":"cupertino","state":"CA","zipcode":"95014","candidates":10}]
>>>headers = {'Content-Type':'application/json; charset=utf-8', 'Host':'us-street.api.smartystreets.com'}
>>>r = request.post(url, data=payload, json=body, headers=headers)
>>>r.status_code
401
>>>r.url
https://us-street.api.smartystreets.com/street-address
Any help would be appreciated.
Link to api documentation: https://smartystreets.com/docs/cloud/us-street-api
According to the documentation, your auth credentials should be in the URL's query string, not in the body. So use params=payload instead of data=payload.
Basically, as the API does not find your auth credentials in the right place, it assumes you are not authenticaled/signed in, hence the 401 status code.
I have gone through all the questions on stackoverflow related to this but I can't solve my problem. When I am implementing the follwing code,it runs successfully without any error but nothing gets printed.
import requests
payload = {'username': 'user','password': 'pass'}
with requests.Session() as s:
p = s.post(' file-transfers.in/login.php?rid=worlddomains',
params=payload)
r = s.get('http://file-transfers.in/member_arean.php')
print r.text
There is a whole chapter about Authentication in the Python requests docs.
Basic Authentication
Many web services that require authentication accept HTTP Basic Auth.
This is the simplest kind, and Requests supports it straight out of
the box.
Making requests with HTTP Basic Auth is very simple:
>>> from requests.auth import HTTPBasicAuth
>>> requests.get('https://api.github.com/user', auth=HTTPBasicAuth('user', 'pass'))
<Response [200]>
In fact, HTTP Basic Auth is so common that Requests provides a handy
shorthand for using it:
>>> requests.get('https://api.github.com/user', auth=('user', 'pass'))
<Response [200]>
Providing the credentials in a tuple like this is exactly the same as
the HTTPBasicAuth example above.
The website in question is expecting you to send your username/pass as POST data, not as URL params so:
payload = {'username': 'user','password': 'pass'}
with requests.Session() as s:
p = s.post('http://file-transfers.in/login.php?rid=worlddomains', data=payload)
r = s.get('http://file-transfers.in/member_arean.php')
print(r.text)
There might be more to it once the login passes, but without an account we cannot check what's going on.
I have to admit I am complitely clueless about this: I need to login to this site https://segreteriaonline.unisi.it/Home.do and then perform some actions. Problem is I cannot find the form to use in the source of the webpage, and I basically have never tried to login to a website via python.
This is the simple code I wrote.
import requests
url_from = 'https://segreteriaonline.unisi.it/Home.do'
url_in = 'https://segreteriaonline.unisi.it/auth/Logon.do'
data = {'form':'1', 'username':'myUser', 'password':'myPass'}
s = requests.session()
s.get(url_from)
r = s.post(url_in, data)
print r
Obviously, what i get is:
<Response [401]>
Any suggestions?
Thanks in advance.
You need to use the requests authentication header.
Please check here:
from requests.auth import HTTPBasicAuth
requests.get('https://api.github.com/user', auth=HTTPBasicAuth('user', 'pass'))
<Response [200]>
That site appears to not have a login form, but instead uses HTTP Basic auth (causing the browser to request the username and password). requests supports that via the auth argument to get - so you should be able to do something like this:
s.get(url_in, auth=('myUser', 'myPass'))
I'm trying to use github oauth. I'n using urllib and urllib2 and have this code:
def github_login(request):
post_data = [('client_id','****'),('redirect_uri','http://localhost:8000/callback')]
result = urllib2.urlopen('https://github.com/login/oauth/authorize', urllib.urlencode(post_data))
content = result.read()
And after sending query I have httperror 403. I had already configured allowed_hosts in settings.py
From my expirence I know that working with urllib is rly hard, I would suggest to use requests
http://requests.readthedocs.org/en/latest/
You can easly send the get:
r = requests.get('https://api.github.com/user', auth=('user', 'pass'))