Ad

Not Able To Login Website With Python Requests

- 1 answer

Please help me to login this website. Website : http://www.staloysiuspuc.in/student_login.aspx I tried to login using requests in python

<form method="post" action="./student_login.aspx" id="form1"> This is the form My code is :

import requests

url = "http://www.staloysiuspuc.in/student_login.aspx"
payload = {
    'ctl00$ContentPlaceHolder1$txtusername' : '*****',
    'ctl00$ContentPlaceHolder1$txtpass_1' : '*****',
    'ctl00$ContentPlaceHolder1$txtpass_2' : '*****',
    'ctl00$ContentPlaceHolder1$txtpass_3' : '*****'
}
s = requests.Session()
r = s.post(url, data=payload)
print(r.url)

I get the same url again and again. It should be redirected to www.st ......... .com/student_profile Please help

Ad

Answer

When dealing with ASP.NET sites/forms you need to also provide the obligatory hidden Postback inputs, namely:

  • __EVENTTARGET
  • __EVENTARGUMENT
  • __VIEWSTATE
  • __VIEWSTATEGENERATOR
  • __EVENTVALIDATION

These can be found as inputs of type="hidden". My suggestion is to grab these hidden variables using the BeautifulSoup4 module (link), which provides a relatively simple method for obtaining elements from a webpage. Others would opt for the re (Regular Expressions) method, which is a bit more rudamentary, but many like it for its ability to get the job done quick and with no added external dependencies.

Anyway, once you have those hidden values you would include those in your payload along with what you already have.

To understand how I've arrived here, you can look at the source code and you'll notice the __doPostBack function in multiple places like this one:

function EnterEvent(e) { 
    if (e.keyCode == 13){ 
        __doPostBack('ctl00$ContentPlaceHolder1$btnLogin', "");
    }
}

What does this mean?
This means you'll need to supply the appropriate __EVENTTARGET & __EVENTARGUMENT to the function, when sending the data, dependent on the action you're performing.

How do I figure out the appropriate values for these two variables?
For that we look at the Login button's source code:

<a id="lnkstlogin" target="_blank" rel="nofollow noreferrer" href="javascript:__doPostBack(&#39;ctl00$lnkstlogin&#39;,&#39;&#39;)">Login</a>

Here you'll see the appropriate values for these two variables that you need to pass in order for the login to be successful.

__EVENTTARGET = ctl00$lnkstlogin # and if that fails you can try the default value  ctl00$ContentPlaceHolder1$btnLogin  
__EVENTARGUMENT = '' # Empty String`

Full, working code

# python3.7
# pip install requests BeautifulSoup4
from bs4 import BeautifulSoup
import requests

page = 'http://www.staloysiuspuc.in/student_login.aspx'

sess = requests.Session()
params = {
    'ctl00$ContentPlaceHolder1$txtusername' : '***',
    'ctl00$ContentPlaceHolder1$txtpass_1' : '***',
    'ctl00$ContentPlaceHolder1$txtpass_2' : '***',
    'ctl00$ContentPlaceHolder1$txtpass_3' : '***'
}

"""
Step 1: GET page, so Session stores cookies & so we can grab the needed values to postback
"""
resp = sess.get(page)
soup = BeautifulSoup(resp.text, 'html.parser')

# Step 2: Add the discussed parameters
params['__EVENTTARGET'] = 'ctl00$ContentPlaceHolder1$btnLogin'   
params['__EVENTARGUMENT'] = ''
params['__VIEWSTATE'] = soup.find('input', id='__VIEWSTATE')['value']
params['__VIEWSTATEGENERATOR'] = soup.find('input', id='__VIEWSTATEGENERATOR')['value']
params['__EVENTVALIDATION'] = soup.find('input', id='__EVENTVALIDATION')['value']

# Step 3: Make the POST request
resp = sess.post(page, data=params)
# resp.url should be the url you said we'd be redirected to
print(resp.url)
Ad
source: stackoverflow.com
Ad