0

I'm a bit new to the python requests library, and am having some trouble accessing cookies after forms authentication. I captured packets in wireshark, and I'm certain that the cookies are being set (HTTP stream output at bottom). I'm following documentation here: https://2.python-requests.org/en/master/user/quickstart/#cookies.

My request is as follows:

r = requests.post('http://192.168.2.111/Account/LogOn', data = {'User': 'Customer', 'Password': 'Customer', 'button': 'submit'})

If I invoke print(r.cookies), The only thing that is returned is <RequestsCookieJar[]> OR, if I try to access them using r.cookies['mydeviceAG_POEWebTool'] I get a key error: KeyError: "name='mydeviceAG_POEWebTool', domain=None, path=None"

The HTTP Stream from wireshark is here:

POST /Account/LogOn HTTP/1.1
Host: 192.168.2.111
User-Agent: python-requests/2.24.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
Content-Length: 49
Content-Type: application/x-www-form-urlencoded

User=Customer&Password=Customer&button=submitHTTP/1.1 302 Found
Date: Thu, 24 Sep 2020 10:30:43 GMT
Server: Apache/2.4.25 (Debian)
Location: /States
X-AspNet-Version: 4.0.30319
Cache-Control: private
Set-Cookie: mydeviceAG_POEWebTool=8081AD7E6EEEB463C0AD8458; path=/
Set-Cookie: .mydeviceAG_POEWebTool_AUTH=jmnjqmKeL0ge8fz/sYrP3Xm+ntUTnPLrWBGtKAmAvnkKIjPKYQVn9xVrRa7EUEHLTfB1KNCKjotabnb7QqnDlQlZKuQkJ0J8rLmxuxrtCMFDsa/d6jyUj/PUckJ8V0Te; path=/; expires=Thu, 24 Sep 2020 13:30:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 112
Keep-Alive: timeout=5, m=100
Connection: Keep-Alive
Content-Type: text/html

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/States">here</a></h2>
</body><html>

** After reading the link offered by @D-E-N below, and searching around a bit, I tried the code below, which gets me further, but only stores the first of two cookies in the cookie jar. The server sends back two cookies:

Set-Cookie: AG_POEWebTool=9E508CCAE50EACB4AD1B33D8; path=/
Set-Cookie: .AG_POEWebTool_AUTH=WaXAtyh/tGnoZFPIiV4xoF6BhwGbr0jlaFq

but the only cookie stored is the AG_POEWebTool one. **

with requests.Session() as s:
  s.get('http://192.168.2.111/Account/LogOn', timeout = 5, params = {'ReturnUrl':'%2fLogfiles'}, proxies = proxies)
  r = s.post('http://192.168.2.111/Account/LogOn', data = {'User': 'Customer', 'Password': 'Customer', 'button': 'submit'}, timeout = 5, params = {'ReturnUrl':'%2fLogfiles'}, proxies = proxies)
  cookiedict = s.cookies.get_dict()
  print('URL:')
  for item in cookiedict.items():
    print(item)

  response=s.get('http://192.168.2.111/Logfiles')

This is the response that I get:

cookiedict items:
('AG_POEWebTool', '471B4EB1153E4733E0EA1A40')
Process finished with exit code 0
kgeil
  • 1
  • 1
  • i think this is a duplicate, please look at this question, may this helps https://stackoverflow.com/questions/25091976/python-requests-get-cookies – D-E-N Sep 24 '20 at 18:29
  • Thank you @D-E-N, sessions were certainly where I was headed. Unfortunately, when I try to use a session, only one of two cookies are stored in the session. Can you point me to any post or documentation that describes how to use all cookies passed in the HTTP response from the server? Thanks! Kevin – kgeil Sep 28 '20 at 14:44
  • Maybe you can find here some help for `resquests.Session` https://requests.readthedocs.io/en/master/user/advanced/ , But if you can not share code (and a publicly reachable site) ist is very hard to help you. – D-E-N Sep 28 '20 at 17:08
  • Hi @D-E-N, I added some code above. I tried to do it in this comment, but character limitations and formatting made it difficult. Basically the server returns two cookies, but I can only see one in the session cookie jar. This might be a limitation of the python requests library. I do see others with this particular problem when using forms-based authentication. If you have any further advice, I'd love to hear it. Otherwise, thank you for your help. Kevin – kgeil Sep 28 '20 at 20:34

0 Answers0