import pprint import sys import requests SERVER_URL = 'https://demo.canopy.checksec.com/' LOGIN_URL = SERVER_URL + 'accounts/login/' PROJECTS_URL = SERVER_URL + 'api/projects/project/' USERNAME = 'admin@checksec.com' PASSWORD = 'checksec99' # Use a session object that supports cookies s = requests.Session() # First request is to obtain a CSRF Token. This can be any URL. res = s.get(SERVER_URL + 'accounts/login/') if not res.ok: print "Failed to contact server: %s %s" % (res.status_code, res.reason) sys.exit(-1) # Set CSRF Token header csrftoken = s.headers['X-CSRFToken'] = s.cookies['csrftoken'] # Login to obtain session id # Note the referer is being set as the server verifies it and the csrftoken res = s.post(LOGIN_URL, data=dict( username=USERNAME, password=PASSWORD, csrfmiddlewaretoken=csrftoken), headers={"referer": LOGIN_URL}) if not res.ok: print "Failed to login: %s" % res.content sys.exit(-1) # At this stage the session is populated with a the sessionid and csrftoken # cookies. Additionally any request that makes modifications should include # the X-CSRFToken header. # Query Project endpoint res = s.get(PROJECTS_URL + '?limit=10') if res.ok: pprint.pprint(res.json()) else: print "Failed to query Project endpoint: %s" % res.reason
Manage space
Manage content
Integrations