Coder Social home page Coder Social logo

Comments (9)

CharlesPikachu avatar CharlesPikachu commented on June 7, 2024

仅猜测,不知道对错,可能session长时间没和服务器有交互所以被判定失效了,浏览器里你每天都会用那个session访问微博,所以有效期长。你可以自己实验验证一下。

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

同问, 平常使用浏览器登陆微博网站,登陆一次以后,很长一段时间内都不需要再次登陆, 即便是清空了cookie, localstorage, 也能通过跳转passport.weibo.com进行自动登录, 这是什么原因

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

貌似平时在浏览器上登录微博, 他的cookie也是24小时后过期, 不过过期后会跳转login.sina.com.cn进行自动授权, 然后会刷新掉过期的cookie, 达到一个自动登录的效果, 请问作者能加上这个逻辑吗

from decryptlogin.

3dian avatar 3dian commented on June 7, 2024

貌似平时在浏览器上登录微博, 他的cookie也是24小时后过期, 不过过期后会跳转login.sina.com.cn进行自动授权, 然后会刷新掉过期的cookie, 达到一个自动登录的效果, 请问作者能加上这个逻辑吗

可能是扫码登陆的cookie有效期比较短?我测试了用手机验证码24小时后不会过期

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

貌似平时在浏览器上登录微博, 他的cookie也是24小时后过期, 不过过期后会跳转login.sina.com.cn进行自动授权, 然后会刷新掉过期的cookie, 达到一个自动登录的效果, 请问作者能加上这个逻辑吗

可能是扫码登陆的cookie有效期比较短?我测试了用手机验证码24小时后不会过期

在正常的浏览器环境内, 不管是哪种方式登录, 有效期都蛮长的(大概一周以上), 只不过每次重新打开浏览器 进入weibo.com. 会跳login授一次权, 然后xsrf-token和sub都会改变, 达到长期在线的一个目的, 但是DecryptLogin貌似只保留了相关的cookie, 并没有在每次启动模块的时候去走一遍跳login重新授一次权的动作, 所以有效期相比较于正常浏览器登录有效期短了许多(亲测最多24小时就会过期), 希望作者能够加上微博自动跳login重新授权的这样一个动作, 而不是保存一个上次授权后固定死的cookie在文件内.

from decryptlogin.

CharlesPikachu avatar CharlesPikachu commented on June 7, 2024

欢迎PR

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

欢迎PR

大概逻辑我已经理清楚了, 目前正在测试, 等测试完后提一个PR

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

重新登录需要传入第一次登录时获取的alf与alc两个参数, 然后relogin后会获得一个新的SUB, 这个SUB放在cookie内即可继续调用API


def reLogin(alf, alc):
    session = requests.session()
    userAgent = {
        'user-agent':
        'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like  Gecko) Chrome/99.0.4844.51 Safari/537.36 Edg/99.0.1150.36accept:text/html,   application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,   application/signed-exchange;v=b3;q=0.9'
    }
    def get(url, headers={}):
        if not headers.get('Cookie'):
            session.headers.update(
                {'Referer': 'https://login.sina.com.cn/sso/login.php'})
        return session.get(url=url,
                           headers=headers,
                           allow_redirects=False,
                           verify=False)

    session.trust_env = False
    headers = {'Cookie': f'ALF={alf};', }
    headers.update(userAgent)
    # 1.获取Location
    res = get(url='https://weibo.com/', headers=headers)
    location = res.headers['Location']
    if location.find('login.sina.com.cn/sso/login.php') == -1:
        print('[1]获取Location失败')
        return 1

    # 2.跳转location
    headers['Cookie'] = f'ALC={alc};'
    res = get(url=location, headers=headers)
    url = subString(r'\("(.*?)"\);', res.text)
    if len(url) == 0:
        print('[2]跳转location 未找到url')
        return 2
    SUB = subString(r'SUB=(.*?);', res.headers["Set-Cookie"])
    if len(SUB) == 0:
        print('[2]跳转location 未找到sub')
        return 3
    SUB = f"SUB={SUB[0]}; "

    # 3.获取crossdomain2地址
    url = subString(r'replace\(\"(.*?)\"', res.text)
    if len(url) == 0:
        print('[3]未找到crossdomain2地址', res.text)
        return 4
    url = url[0]

    # 4.获取passport.weibo.com/wbsso/login?ticket=
    res = get(url=url)
    url = subString(r'\[\"(.*?)\"', res.text)
    if len(url) == 0:
        print('[4]获取wbsso/login地址失败', res.text)
        return 5
    url = url[0].replace('\/', '/')

    # 5.跳转passport.weibo.com/wbsso/login?ticket=
    res = get(url=url)
    SUB = subString(r'SUB=(.*?);', res.headers['Set-Cookie'])
    if len(SUB) == 0:
        print('[5]获取SUB失败')
        return 6
    SUB = SUB[0]
    return SUB

from decryptlogin.

1273082756 avatar 1273082756 commented on June 7, 2024

欢迎PR

很抱歉我的能力水平有限, 以及对作者的项目结构不是特别熟悉, 以至于我只能以这种方式将代码提交至项目, 希望作者能merge到相关模块内

from decryptlogin.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.