skip to Main Content

My Django website is hosted using Apache server. I want to send data using requests.post to my website using a python script on my pc but It is giving 403 forbidden.

import json


url = "http://54.161.205.225/Project/devicecapture"
headers = {'User-Agent':
           'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36',
           'content-type': 'application/json'}


data = {
    "nb_imsi":"test API",
    "tmsi1":"test", 
    "tmsi2":"test",
    "imsi":"test API", 
    "country":"USA", 
    "brand":"Vodafone", 
    "operator":"test",
    "mcc":"aa", 
    "mnc":"jhj",
    "lac":"hfhf", 
    "cellIid":"test cell"
}
response = requests.post(url, data =json.dumps(data),headers=headers) 

print(response.status_code)

I have also given permission to the directory containing the views.py where this request will go.
I have gone through many other answers but they didn’t help.
I have tried the code without json.dumps also but it isn’t working with that also.
How to resolve this?

2

Answers


  1. After investigating it looks like the URL that you need to post to in order to login is: http://54.161.205.225/Project/accounts/login/?next=/Project/

    You can work out what you need to send in a post request by looking in the Chrome DevTools, Network tab. This tells us that you need to send the fields username, password and csrfmiddlewaretoken, which you need to pull from the page.

    You can get it by extracting it from the response of the first get request. It is stored on the page like this:

    <input type="hidden" name="csrfmiddlewaretoken" value="OspZfYQscPMHXZ3inZ5Yy5HUPt52LTiARwVuAxpD6r4xbgyVu4wYbfpgYMxDgHta">
    

    So you’ll need to do some kind of Regex to get it. You’ll work it out.

    enter image description here

    So first you have to create a session. Then load the login page with a get request. Then send a post request with your login credentials to that same URL. And then your session will gain the required cookies that will then allow you to post to your desired URL. This is an example below.

    import requests
    
    # Create session
    session = requests.session()
    
    # Add user-agent string
    session.headers.update({'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) ' +
    'AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36'})
    
    # Get login page
    response = session.get('http://54.161.205.225/Project/accounts/login/?next=/Project/')
    
    # Get csrf
    # Do something to response.text
    
    # Post to login
    response = session.post('http://54.161.205.225/Project/accounts/login/?next=/Project/', data={
        'username': 'example123',
        'password': 'examplexamplexample',
        'csrfmiddlewaretoken': 'something123123',
    })
    
    # Post desired data
    response = session.post('http://url.url/other_page', data={
        'data': 'something',
    })
    
    print(response.status_code)
    

    Hopefully this should get you there. Good luck.

    For more information check out this question on requests: Python Requests and persistent sessions

    Login or Signup to reply.
  2. I faced that situation many times
    The problems were :

    1. 54.161.205.225 is not added to allowed hosts in settings.py
    2. the apache wsgi is not correctly configured

    things might help with debug :

    Check apache error-logs to investigate what went wrong
    try running server locally and post to it to make sure prob is not related to apache

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search