Python Interface Automation 23-token Parameter association login (login Pull net)

Objective

Log on to the site, often encounter token parameters, token association is not difficult, it is difficult to find out the first time the server returned the value of the token where the location, taken out can be dynamically associated with

Login Pull-Hook net

1. First find the Login homepage https://passport.lagou.com/login/login.html, enter the account number and password login, grab the package to see the details

2. Re-login once to see the packet, the head has two parameters is dynamic, token and code values will be different each time, can only be used once

X-Anit-Forge-Token: 45aa69d8-4afa-4235-8957-9dde7af1903eX-Anit-Forge-Code: 20765316

Find where token is generated

1. Open the login home https://passport.lagou.com/login/login.html, directly press F5 refresh (only do the refresh action, do not enter the account and password), and then from the returned page to find the location of the token generated

Look at the contents of the note:

</script>    <!-- 页面样式 -->    <!-- 动态token，防御伪造请求，重复提交 -->    <script>    window.X_Anti_Forge_Token = '286fd3ae-ef82-4019-89c4-9408947a0e26';    window.X_Anti_Forge_Code = '74603111';</script>

Front-end code, comment content exposes the token location, hey!

2. Then parse the value of token and code two parameters from the returned HTML

# coding:utf-8import Requestsimport refrom BS4 Import beautifulsoup# Shanghai-long QQ Exchange Group: 512200893def Gettokencode (s): "' To extract Token,code from the login page, then add <!--page style to the header information--><!--dynamic token, defend against forgery requests, repeat submit--<script type= "Tex T/javascript "> window.            X_anti_forge_token = ' dde4db4a-888e-47ca-8277-0c6da6a8fc19 '; Window.        X_anti_forge_code = ' 61142241 '; </script> ' url = ' https://passport.lagou.com/login/login.html ' h = {' user-agent ': ' mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) gecko/20100101 firefox/44.0 ",} # Update session headers S.headers.update (h) data = S.get (URL, verify= False) soup = BeautifulSoup (data.content, "Html.parser", from_encoding= ' utf-8 ') Tokencode = {} Try:t = so Up.find_all (' script ') [1].get_text () print (t) tokencode[' x_anti_forge_token '] = Re.findall (r "Token = ' (. +?) ' ", t) [0] tokencode[' x_anti_forge_code '] = Re.findall (r" Code = ' (. +?) ' ", T) [0] ExCept:print ("Get Token and Code failed") tokencode[' x_anti_forge_token '] = "" tokencode[' x_anti_forge_code '] = " "Return Tokencode

Analog Login

1. Log in when the password parameters, although encrypted, but is a fixed encryption, so the direct copy of the packet capture encryption string on the line.

# coding:utf-8import Requestsimport refrom BS4 import beautifulsoup# Shanghai-yo QQ Exchange Group: 512200893def Login (S, gtoken, User, PSW):  "Function: Login to hook Web site:p Aram S: pass s = requests.session ():p Aram Gtoken: Previous function Gettokencode returned Tokencode:p Aram    User: Account:p Aram PSW: Password: return: Returns JSON ' URL2 = ' Https://passport.lagou.com/login/login.json ' h2 = { "User-agent": "mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) gecko/20100101 firefox/44.0 "," Content-type ":" application/x-www-form-urlencoded; Charset=utf-8 "," X-requested-with ":" XMLHttpRequest "," X-anit-forge-token ": gtoken[' X_anti_forge_token ']," X-Anit    -forge-code ": gtoken[' X_anti_forge_code ']," Referer ":" Https://passport.lagou.com/login/login.html ",} # Update the head of S S.headers.update (H2) BODY = {"Isvalidate": ' true ', ' username ': User, ' password ': PSW , "Request_form_verifycode": "", "Submit": ""} r2 = S.post (Url2, Data=body, verify=False) print (R2.text) return R2.json () 

Password encryption

1. Here the password is MD5 encryption (Baidu read the other big God's blog, just know)

# coding:utf-8import requestsimport refrom bs4 import BeautifulSoupimport hashlibdef encryptPwd(passwd):    # 上海-悠悠 QQ交流群：512200893    # 对密码进行了md5双重加密    passwd = hashlib.md5(passwd.encode('utf-8')).hexdigest()    # veennike 这个值是在js文件找到的一个写死的值    passwd = 'veenike'+passwd+'veenike'    passwd = hashlib.md5(passwd.encode('utf-8')).hexdigest()    return passwdif __name__ == "__main__":   # 测试密码123456   print(encryptPwd("123456"))

Output Result:

2. Comparing with the data of the grab packet, the discovery is the same, indicating that the encryption succeeds

Reference code:

# coding:utf-8import Requestsimport refrom bs4 import beautifulsoupimport urllib3import hashliburllib3.disable_        Warnings () # Shanghai-Yo QQ Exchange Group: 512200893class LOGINLGW (): Def __init__ (self, s): Self.s = s def gettokencode (self):            "To extract Token,code from the login page, then add <!--page style to the header information--><!--dynamic token, defend against forged request, repeat submit-- <script type= "text/javascript" > Window.                X_anti_forge_token = ' dde4db4a-888e-47ca-8277-0c6da6a8fc19 '; Window.            X_anti_forge_code = ' 61142241 '; </script> ' url = ' https://passport.lagou.com/login/login.html ' h = {"User-agent ":" mozilla/5.0 (Windows NT 10.0; WOW64;  rv:44.0) gecko/20100101 firefox/44.0 ",} # Update session headers Self.s.headers.update (h) data = Self.s.get (URL, verify=false) soup = BeautifulSoup (data.content, "Html.parser", from_encoding= ' Utf-8 ') to Kencode = {} Try:t = soup.Find_all (' script ') [1].get_text () print (t) tokencode[' x_anti_forge_token '] = Re.findall (r "Token = ' (.        +?) ' ", T) [0] tokencode[' x_anti_forge_code '] = Re.findall (r" Code = ' (. +?) ' ", T) [0] return Tokencode Except:print ("Get Token and Code failed") tokencode[' x_anti_forge_token '] = "" tokencode[' x_a Nti_forge_code '] = "" Return Tokencode def encryptpwd (SELF,PASSWD): # MD5 double encryption for password passwd = h ASHLIB.MD5 (Passwd.encode (' Utf-8 ')). Hexdigest () # Veennike This value is a write dead value found in the js file passwd = ' veenike ' +passwd+ ' Veen        Ike ' passwd = Hashlib.md5 (Passwd.encode (' Utf-8 ')). Hexdigest () return passwd def login (self, user, PSW): "Function: Login Web site:p Aram User: Account:p Aram PSW: Password: return: Back to JSON ' GT Oken = Self.gettokencode () print (Gtoken) print (gtoken[' X_anti_forge_token ')) print (gtoken[' x_anti_for Ge_code ']) Url2 = ' Https://passport.lagou.com/login/login.json ' h2 = {"User-agent": "mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) gecko/20100101 firefox/44.0 "," Content-type ":" application/x-www-form-urlencoded;        Charset=utf-8 "," X-requested-with ":" XMLHttpRequest "," X-anit-forge-token ": gtoken[' X_anti_forge_token '],        "X-anit-forge-code": gtoken[' X_anti_forge_code ', "Referer": "Https://passport.lagou.com/login/login.html",                } # Update S head self.s.headers.update (h2) passwd = self.encryptpwd (PSW) BODY = { "Isvalidate": ' True ', "username": User, "password": passwd, "request_form_ve        Rifycode ":", "Submit": ""} r2 = Self.s.post (Url2, Data=body, Verify=false)            Try:print (R2.text) return R2.json except:print ("Login exception information:%s"% r2.text) return Noneif __name__ = = "__main__": s = reqUests.session () LGW = LOGINLGW (s) lgw.login ("15221000000", "123456") 

Python interface Automation 23-token Parameter association login (login pull net)