Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.
any generic guide to REST API + python?
-
Hi Michael,
Probably the most useful post would have been here but I have cleaned it up (Woody's removal of the password header doesn't work, and I like newlines in my prints usually) and reproduced it below:
#!/usr/bin/python import requests s = requests.Session() s.headers.update({'Accept': 'application/json', 'Accept-Encoding': 'gzip,deflate,sdch', 'password': 'admin'}); #Show session headers print s.headers, "\n\n" r = s.get('http://localhost/rest/v1/login/admin'); #r = s.get('http://localhost:8080/rest/v1/login/admin'); #Show headers sent print r.request.headers, "\n\n" #Show Login response JSON print r.text, "\n\n" #Remove password from headers del s.headers["password"] #you may need to set your X-Xsrf-Token header from the cookie, if so uncomment next line. #s.headers["X-Xsrf-Token"] = s.cookies["XSRF-TOKEN"] #Show all data points r = s.get('http://localhost/rest/v1/data-points'); print r.text, "\n\n" -
@phildunlap that worked brilliantly! cheers. -Michael
-
For anyone still having issues logging in, I could only see the v2 login option on my swagger and decided to tackle it. I am a COMPLETE beginner to Python but it was very frustrating to figure this out, so I thought I'd post it:
#!/usr/bin/python import requests s = requests.Session() s.headers.update({'Accept': 'application/json', 'Accept-Encoding': 'gzip,deflate,sdch'}); s.headers["X-Xsrf-Token"] = s.cookies["XSRF-TOKEN"] #print s.headers r = s.post('http://localhost/rest/v2/login',data='{"username":"admin","password":"yourPasswordHere"}')I receive <Response [200]> when I send this, and 403 when I do it any other way. Hope this helps someone!
-
Thanks for contributing what you got it working with!
-
@phildunlap Alright I'm sure you never tire of hearing from me, but I can't figure this out...I can successfully log in, and even though I continue using the same session (afaik), I can't seem to do anything but login. I'm sure it's my fault, but ... please help!
#!/usr/bin/python import requests s = requests.Session() s.headers.update({'Accept': 'application/json', 'Accept-Encoding': 'gzip,deflate,sdch'}) r = s.get('http://localhost/') s.headers["X-Xsrf-Token"] = s.cookies["XSRF-TOKEN"] print(s.headers) r = s.post('http://localhost/rest/v2/login',data='{"username":"admin","password":"yourPasswordHere"}') print(r) r = s.get('http://localhost/rest/v2/event-types') print(r)outputs:
{'Connection': 'keep-alive', 'User-Agent': 'python-requests/2.4.3 CPython/2.7.9 Linux/3.10.82+', 'X-Xsrf-Token': 'c5bb2d4c-bf26-46da-ae68-ac1543f9fbd4', 'Accept': 'application/json', 'Accept-Encoding': 'gzip,deflate,sdch'} <Response [200]> <Response [401]> -
Best not to worry about my internal state! It's an invitation for me to reflect on that, not the issue at hand, and nobody wants that!
I fixed up your script below. Notably, you have to supply an XSRF token on your request to the login page, then change that token based on the response. You are setting the header from the login response before you log in! There is also the mysterious
r = s.get('http://localhost/')that isn't doing anything good, and the content-type needed to be set for the POST, like,#!/usr/bin/python import requests s = requests.Session() s.headers.update({'Cookie':'XSRF-TOKEN=dc1d54de-fab1-4405-8ccb-ea677aadf7ca','X-Xsrf-Token':'dc1d54de-fab1-4405-8ccb-ea677aadf7ca','Accept': 'application/json', 'Accept-Encoding': 'gzip,deflate,sdch'}) s.headers["Content-Type"] = "application/json" r = s.post('http://localhost/rest/v2/login',data='{"username":"admin","password":"yourpasswordhere"}') print(r.headers) del s.headers["Cookie"] del s.headers["X-Xsrf-Token"] s.headers.update({"X-Xsrf-Token": s.cookies["XSRF-TOKEN"]}) del s.headers["Content-Type"] print(s.headers) r = s.get('http://localhost/rest/v2/event-types') print(r.text)The value I supplied for the initial cookie doesn't matter, it just needs to match the X-Xsrf-Token header along with it.
-
@phildunlap Thank you! Firstly, it worked. Secondly, I added that mysterious get line to add the cookies to the request, and it seemed to work since I got the 200 response, but not in the "correct" way ? The requests looks really weird to me, but it works! Yay! Thank you!
-
Ah! That would probably work, I never thought of getting the login page to have it set the cookie in the script. It may only have been setting the Content-Type header that was missing.
-
@phildunlap Ah! Well, this way creates less requests, so it's better anyways! Glad to know I wasn't crazy, just lazy =P
-
For anyone reading this thread, if you use Mango v3.3 you can now generate JWT authentication tokens from the users page on the new UI and use these to authenticate instead of logging in from your script.
You do not need to use any CSRF/XSRF protection cookies/headers when using JWT authentication.
Just set the one header on every request -
Authorization: Bearer <token>
