Don't strip the last \ its part of a legacy validity check. Always pass whatever you get back the way you for it.

On Sun, Feb 19, 2017 at 1:49 AM Michael <> wrote:

Sorry, if it turns out as a stupid mistake, but I am at the end of my own knowledge to solve this issue on my MediaWiki 1.28 installation:


I am using a python3 script to 1) get the token, and 2) login via ‘clientlogin’, but I always receive the   

"error": {

        "code": "badtoken",

        "info": "Invalid token",


The taken is coming from     'action': 'query',     'meta': 'tokens',     'type': 'login', and I strip the last ‘\’.


This is my submission for Login:

Type: <class 'urllib.request.Request'>

Contents: {'_full_url': '', 'unredirected_hdrs': {}, '_tunnel_host': None, 'fragment': None, '_data': b'password=Lxxxxxxxx7&action=clientlogin&rememberMe=1&username=Admin&', 'origin_req_host': '', 'selector': '/api.php', 'headers': {'Content-type': 'application/x-www-form-urlencoded'}, 'type': 'https', 'unverifiable': False, 'host': ''}


Following  the same procedure via ApiSandbox is working fine.


Thank you for your help!




Mediawiki-api mailing list