0

I'm new with cURL and Requests and I have a doubt on how I can transform a cURL petition to a Requests command in Python.

Looking at Apache Stratos documentation Doc Page to perform a login against the server, in cURL you use:

curl -X GET -H "Content-Type: application/json" -k -v -u admin:admin https://localhost:9443/api/session

And it works on the terminal. Now, I want to do the same on my Django website and to transform the curl URL to python code and use the module "requests" I don't know how pass the user and pass info on the petition.

The code that I have now it's:

headers = {'Content-Type':'application/json'}
data = {}
req = requests.post('https://localhost:9443/api/session', headers=headers, params=data)

But I don't know how pass the user and password so I tried this (Requests Python Login Tutorial)

data = {"username":"admin","password":"admin"}

But I get a certificate error from server:

File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 385, in send raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

So, I'm sending correctly the user and password? How I can solve the certificate error?

Thanks and regards

Improve this question
3
  • You're on localhost. Is it absolutely critical to use SSL? Try http://localhost:9443/api/session . Python requests is actually very smooth dealing with SSL, but a valid SSL cert on localhost seems unlikely.
    – Juan Tomas
    Commented Jun 28, 2016 at 14:57
  • Yes, all URL's on the doc page uses Https and when you access to the login page on Firefox, you need to add a security exception to see the page.
    – MinionAttack
    Commented Jun 28, 2016 at 15:04
  • 1
    Looks like you've got two answers to choose from :)
    – Juan Tomas
    Commented Jun 28, 2016 at 15:07

3 Answers 3

Reset to default
3

You can turn off SSL cert verification with the verify flag, and use basic authentication by specifying auth.

from requests.auth import HTTPBasicAuth

req = requests.post('https://localhost:9443/api/session', headers=headers, auth=HTTPBasicAuth('admin', 'admin'), verify=False)

See the requests docs for more info.

Improve this answer
1
  • Yes, I found it after try @Sam answer. But thanks anyway :)
    – MinionAttack
    Commented Jun 28, 2016 at 15:10
2

You are using your localhost which almost certainly doesn't have a valid certificate.

For testing purposes disable ssl verification (it is still encrypted just not verifying certificate)

req = requests.post('https://localhost:9443/api/session', headers=headers, params=data, verify=False)
Improve this answer
2
  • verify=False Nice.
    – Juan Tomas
    Commented Jun 28, 2016 at 14:59
  • Thanks, I didn't know this flag!
    – MinionAttack
    Commented Jun 28, 2016 at 15:03
0

After the @Sam solution and looking on the Requests Auth Doc Page I found the solution:

The Python Resquest code it's:

requests.get('https://localhost:9443/api/session', headers=headers, auth=HTTPBasicAuth('admin', 'admin'), verify=False)

The "params" field it's not needed.

And then:

u'{"Success":{ "sessionId": "547D78FD4966DDBE21AEFDAECE909DEC"}}'

Hope it helps someone!

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.