使用python请求登录失败

Question

我试图使用请求来模拟https://www.recreation.gov/的登录。要做到这一点，我首先使用chrome检查了解请求的详细信息，如下所示：

Request URL: https://www.recreation.gov/api/accounts/login
Request Method: POST
Status Code: 200 
Remote Address: 1.2.3.4
Referrer Policy: no-referrer-when-downgrade

request header:
:authority: www.recreation.gov
:method: POST
:path: /api/accounts/login
:scheme: https
:accept: application/json, text/plain, */*
:accept-encoding: gzip, deflate, br
:accept-language: en-US,en;q=0.9
:cache-control: no-cache, no-store, must-revalidate
:content-length: 70
:content-type: application/json;charset=UTF-8
:cookie: alongcookie
:origin: https://www.recreation.gov
:pragma: no-cache
:referer: https://www.recreation.gov/
:sec-fetch-mode: cors
:sec-fetch-site: same-origin
:user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36


request payload:
{'username': 'myusername', 'password': 'mypassword'}

这是我的代码：

headers = {
  "authority": "www.recreation.gov",
  "method":"POST",
  "scheme": "https",
  "accept": "application/json, text/plain, */*",
  "accept-encoding": "gzip, deflate, br",
  "accept-language": "en-US,en;q=0.9",
  "cache-control": "no-cache, no-store, must-revalidate",
  "content-length": "70",
  "content-type": "application/json;charset=UTF-8",
  "origin": "https://www.recreation.gov",
  "referer":"https://www.recreation.gov/",
  "sec-fetch-mode": "cors",
  "sec-fetch-site": "same-origin",
  'user-agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36'
}

with requests.Session() as s:
  s.headers = headers
  url = 'https://www.recreation.gov/api/accounts/login'
  payload = {'username': 'myusername', 'password': 'mypassword'}
  response = s.post(url, data=payload)
  print(response)

但我总是有：

​

403禁止

\n行政规则禁止的要求。

​

Answer 1

请查看请求头：

:content-type: application/json;charset=UTF-8

这意味着您的请求主体应该被编码为JSON。

所以改变

response = s.post(url, data=payload)

至：

response = s.post(url, json=payload)