Clever Geek Handbook

Python-asking how to call js function to calculate some value before posting?

I am using Requests (2.2.1) to enter url http://tx3.netease.com/logging.php?action=login

, but the login logic of this url is different from Django's csrf token mechanism, i.e .:

  • When you get this url, there are two import values formhash

    and in the html text sts

    , both of which will be used in the js function do_encrypt

    (in the file http://tx3.netease.com/forumdata/cache/rsa/rsa_min.js

    ). This is ok, I can grab them easily via re.

The key part of the html text is:

<form method="post" name="login" id="loginform" class="s_clear" onsubmit="do_encrypt('ori_password','password');pwdclear = 1;" action="logging.php?action=login&amp;loginsubmit=yes">
<input type="hidden" name="formhash" value="91e54489" />
<input type="hidden" name="referer" value="http://tx3.netease.com/" />
<input type="hidden" name="sts" id="sts" value="1409414053" />
<input type="hidden" name="password" id="password" />
...
<input type="password" id="ori_password" name="ori_password" onfocus="clearpwd()" onkeypress="detectCapsLock(event, this)" size="36" class="txt" tabindex="1" autocomplete="off" />
...
</form>

2. After entering the e-mail address and original password ori_password

sent pressing cause do_encrypt

to be used formhash

, sts

and ori_password

to determine the real password password

for dict posts. A problem arises. There seems to be no way to get the string directly password

. (For comparison, you can directly get csrfmiddlewaretoken

from session_client.cookies['csrftoken']

in the Django case)

This is the code:

import requests
import json
import re

loginUrl = "http://tx3.netease.com/logging.php?action=login"

client = requests.session()

r = client.get(loginUrl)
r.encoding='gb18030'

stsPat = re.compile('<input type="hidden" name="sts" id="sts" value="(\d+?)" />')
formhashPat = re.compile('<input type="hidden" name="formhash" value="([\d\w]+?)" />')

sts = stsPat.search(r.text).groups()[0]
formhash = formhashPat.search(r.text).groups()[0]


loginData={
    'username'  : "smaller9@163.com",
    'password'  : ..., # Set by js function do_encrypt
    'referer':'/',
    'loginfield':'username',
    'ori_password':'', # it `111111`, but `do_encrypt` will set it to empty.
    'loginsubmit':'true',
    'sts':sts,
    'formhash':formhash,
    }
# r = client.post(url=loginUrl,data=loginData)
+3


source to share


1 answer


Assuming you have permission to do this, try logging in with selenium

, as I think this will go into more detail with what you are ultimately trying to do.



from selenium import webdriver

USERNAME = "foo@bar.com"
PASSWORD = "superelite"

# create a driver
driver = webdriver.Firefox()

# get the homepage
driver.get("http://tx3.netease.com/logging.php?action=login")

un_elm = driver.find_element_by_id("username")
pw_elm = driver.find_element_by_id("ori_password")
submit = driver.find_element_by_css_selector("[name=loginsubmit]")

un_elm.send_keys(USERNAME)
pw_elm.send_keys(PASSWORD)

# click submit
submit.click()

# get the PHPSESSID cookie as that has your login data, if you want to use
# it elsewhere
# print driver.get_cookies():

# do something else ...
+3


source






More articles:


All Articles