Merge pull request #2920 from andrewbaldwin44/feature/csrf-example

Add CSRF example
locustio · Oct 2, 2024 · 832d192 · 832d192
2 parents 55b71a1 + 513a708
commit 832d192
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/examples/csrf_form_authentication.py b/examples/csrf_form_authentication.py
@@ -0,0 +1,29 @@
+from locust import HttpUser, between, task
+
+import re
+
+
+class WebsiteUser(HttpUser):
+    host = "http://127.0.0.1:8089"
+    wait_time = between(2, 5)
+
+    @task
+    def authenticate(self):
+        with self.client.get("/sign-in", catch_response=True) as response:
+            match = re.search(
+                r'<form.*name="authenticity_token"[^>]*value="([^"]*)"',
+                response.text,
+            )
+            token = match.group(1)
+
+        with self.client.post(
+            "/sign-in",
+            {
+                "user[email]": "username",
+                "user[password]": "password",
+                "authenticity_token": token,
+            },
+            catch_response=True,
+        ) as response:
+            if "welcome" not in response.url:
+                response.failure("Login failed")