So I'm trying to POST form data to my colleague's site in order to log in (simple username and password) from my iPhone app. However, it appears that I need a CSRF Token in o
In order to log in (POST) with the token, of course you have to get the CSRF token first, like you said. If you do a GET call to the login page first (before you follow up with a POST), the result of the login page will return a csrf_token, which you can see if you use a browser (with the developer tools pane open) and look at the network pane under response content to see the csrftoken cookie set by the server. In my case:
Set-Cookie:csrftoken=PgQEgY3LAynbVeWRIzXoo2VFRLfd8Uqt; expires=Fri, 10-Nov-2017 18:59:54 GMT; Max-Age=31449600; Path=/; secure
After parsing this out of the response, set a header like:
X-CSRFToken: "PgQEgY3LAynbVeWRIzXoo2VFRLfd8Uqt"
in your POST with the login/password info. HTH
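The GET-then-POST flow described in the answer above, as an added example that is not part of the original post, written in Python to show the HTTP-level steps independent of the iOS client. The login URL, the form field names and the credentials are placeholders, and sending the csrftoken cookie back alongside the X-CSRFToken header assumes the server compares the two.

```python
import urllib.request
from urllib.parse import urlencode

# Constructed sample: the Set-Cookie value quoted in the answer above.
SAMPLE_SET_COOKIE = (
    "csrftoken=PgQEgY3LAynbVeWRIzXoo2VFRLfd8Uqt; "
    "expires=Fri, 10-Nov-2017 18:59:54 GMT; Max-Age=31449600; Path=/; secure"
)


def find_csrf_cookie(set_cookie_values, name="csrftoken"):
    """Return {'value', 'secure'} for the named cookie, or None if absent."""
    for raw in set_cookie_values:
        parts = [p.strip() for p in raw.split(";")]
        key, sep, value = parts[0].partition("=")
        if sep and key.strip() == name and value:
            flags = {p.lower() for p in parts[1:]}
            return {"value": value.strip(), "secure": "secure" in flags}
    return None


def build_login_request(login_url, cookie, username, password):
    """Build (but do not send) the login POST that echoes the CSRF token."""
    if cookie is None:
        raise ValueError("GET response set no CSRF cookie; cannot log in")
    if cookie["secure"] and not login_url.lower().startswith("https://"):
        # A cookie marked Secure must not be replayed over plain HTTP.
        raise ValueError("refusing to send a Secure cookie over plain HTTP")
    # Field names are assumptions; use the names the login form defines.
    body = urlencode({"username": username, "password": password}).encode()
    req = urllib.request.Request(login_url, data=body, method="POST")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    req.add_header("Cookie", "csrftoken=" + cookie["value"])  # cookie sent back
    req.add_header("X-CSRFToken", cookie["value"])  # same value as a header
    return req


if __name__ == "__main__":
    # In a real client the list comes from the GET response's Set-Cookie headers.
    cookie = find_csrf_cookie([SAMPLE_SET_COOKIE])
    req = build_login_request(
        "https://example.invalid/login/", cookie, "alice", "placeholder-password"
    )
    print(req.get_method(), req.full_url)
    print("X-CSRFToken:", req.get_header("X-csrftoken"))
```

urllib stores header names with only the first letter capitalised, which is why the lookup uses "X-csrftoken"; header names are case-insensitive on the wire.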