Simulate logon to the Xiaomi account using Python (Tornado)

Today, I saw my colleagues participate in Xiaomi flash sales. After several weeks of attempts, I finally got a Xiaomi TV ...... After reading the flash sales process of Xiaomi, it seems that the application can be broken. So I want to write something to play with (you know ......), The first step is to simulate logon to the Xiaomi account.

Use Python to implement it. Because a Web application is written, Tornado is the framework.

First, define the application URL:

def main():    tornado.options.parse_command_line()    application = tornado.web.Application([        (r"/", MainHandler),        (r"/mibuy/", MiBuyHandler),    ],**settings)    http_server = tornado.httpserver.HTTPServer(application)    http_server.listen(options.port)    tornado.ioloop.IOLoop.instance().start()

The next step is to find the data that needs to post the past, and use Fiddler to sniff:

That is to say, the POST address is https://account.xiaomi.com/pass/serviceloginauth2.

The form parameters to be constructed are also very simple (URL encoding has been performed ): passToken = & user = www.bkjia.com & pwd = password & callback = https % 3A % 2F % 2Faccount.xiaomi.com & sid = passport & qs = % 253 Fsid % 253 Dpassport & hidden = & _ sign = KKkRvCpZoDC % 2BgLdeyOsdMhwV0Xg % 3D. That is:

post_data = urllib.urlencode({'passToken':'', 'user': 'www.bkjia.com', 'pwd': 'password', 'callback':'https://account.xiaomi.com', 'sid':'passport', 'qs':'%3Fsid%3Dpassport', 'hidden':'', '_sign':'KKkRvCpZoDC+gLdeyOsdMhwV0Xg='})path = 'https://account.xiaomi.com/pass/serviceLoginAuth2'

The following functions can also be written:

class MiBuyHandler(tornado.web.RequestHandler):    def get(self):        cj = cookielib.CookieJar()        post_data = urllib.urlencode({'passToken':'', 'user': 'www.bkjia.com', 'pwd': 'password', 'callback':'https://account.xiaomi.com', 'sid':'passport', 'qs':'%3Fsid%3Dpassport', 'hidden':'', '_sign':'KKkRvCpZoDC+gLdeyOsdMhwV0Xg='})        path = 'https://account.xiaomi.com/pass/serviceLoginAuth2'        cookieHandle = urllib2.HTTPCookieProcessor(cj)        opener = urllib2.build_opener(cookieHandle)        #opener.addheaders = [('User-agent', 'Opera/9.23')]        urllib2.install_opener(opener)        req = urllib2.Request(path, post_data)        response = urllib2.urlopen(req)        html = response.read()        self.render("mibuy.html",message=html)

How to print the cookie and print cj directly to view the cookie content.

The next thing seems very simple, that is, parsing hdcontrol (URL: http://tc.hd.xiaomi.com/hdget? Callback = hdcontrol) json.

hdcontrol({stime: 1383645496,status: {allow: true,miphone: {hdurl: "",duration: null,hdstop: true,reg: true,pmstart: false,hdstart: false},mibox: {hdurl: "",duration: null,hdstop: true,reg: true,pmstart: false,hdstart: false},mitv: {hdurl: "",duration: null,hdstop: true,reg: false,pmstart: false,hdstart: false}}})

When allow is true, hdurl has a value, such? _ A = 20131105_phone_a212a2b30e5 & _ op = choose & _ s = 72b686828 & _ m = 1 and so on. This is the real Flash sale address, if you access this address directly, you do not need to click the queuing button. You should know what to do if you know the program ......

It only applies to the current (November 2013), and may change some rules in the future.