Python requests HTTP验证登录实现流程

1、场景

1）用户输入完网址后，浏览器直接弹出需要输入用户名/密码

PS：此时输入用户名密码即可登录，或者直接带着用户名密码访问网站。

假设url为http://xxx.yyy.zzz

用户名为admin

密码为123456

则访问的网址应该为http://admin:123456@xxx.yyy.zzz【http://username:password@url】

直接访问改网址即可

2）利用requests.get(url)返回状态码为401

# -*- encoding=utf-8 -*-
import requests
if __name__ == '__main__':
 url = 'http://xxxxx.yyyyyy'
 response = requests.get(url=url)
 status_code = response.status_code
 print status_code
 text = response.text
 print text

运行

401
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96％;margin:0 0 0 0;padding:6px 2％ 6px 2％;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2％;position:relative;}
.content-container{background:#FFF;width:96％;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>

2、HTTP基础验证

这是一种简单的身份认证，它是通过http的authorization请求头中，携带经过base64加密的用户名和密码而实现的一种认证

# -*- encoding=utf-8 -*-
import requests
from requests.auth import HTTPBasicAuth
if __name__ == '__main__':
 url = 'http://xxx.yyy.zzz'
 user = 'admin'
 password = '123456'
 response = requests.get(url=url, auth=HTTPBasicAuth(user, password))
 # 或者
 # response = requests.get(url=url, auth=(user, password))
 print response.status_code

3、摘要式身份认证

# -*- encoding=utf-8 -*-
import requests
from requests.auth import HTTPDigestAuth

if __name__ == '__main__':
 url = 'http://xxx.yyy.zzz'
 user = 'admin'
 password = '123456'
 response = requests.get(url, auth=HTTPDigestAuth(user, password))
 print response.status_code

如果2和3都不行，还是返回401，此时可以试试第4种

使用2和3依旧返回401,此时可以print出response.headers看一下

# -*- encoding=utf-8 -*-

import requests
from requests.auth import HTTPDigestAuth

if __name__ == '__main__':
 url = 'http://xxx.yyy.zzz'
 user = 'admin'
 password = '123456'
 response = requests.get(url, auth=HTTPDigestAuth(user, password))
 print response.status_code
 print response.headers

运行

401
{'Content-Length': '1293', 'X-Powered-By': 'ASP.NET', 'Server': 'Microsoft-IIS/7.5', 'Date': 'Fri, 05 Jun 2020 05:36:23 GMT', 'Content-Type': 'text/html', 'WWW-Authenticate': 'Negotiate, NTLM'}

打印后可看到headers中带有字样'WWW-Authenticate': 'Negotiate, NTLM'，表示需要ntlm验证，此时尝试使用第4种[/code]

4、ntlm验证

# -*- encoding=utf-8 -*-
import requests
from requests_ntlm import HttpNtlmAuth
if __name__ == '__main__':
 url = 'http://xxx.yyy.zzz'
 user = 'admin'
 password = '123456'
 response = requests.get(url, auth=HttpNtlmAuth(user, password))
 print response.status_code
 print response.headers

来源：https://www.cnblogs.com/rainbow-tan/p/13049297.html