From 6c971ccb499faebd67e266453c8fc2d9b2926f19 Mon Sep 17 00:00:00 2001 From: LuckyHunter Date: Sat, 18 Feb 2023 23:28:29 +0800 Subject: [PATCH] Use mobile for authentication --- .github/workflows/docker-run.yml | 9 ++- .github/workflows/run.yml | 38 ---------- Dockerfile | 7 +- README.md | 61 ++++++++-------- config/config_example.toml | 13 ++-- main.py | 118 +++++++++++++++---------------- 6 files changed, 104 insertions(+), 142 deletions(-) delete mode 100644 .github/workflows/run.yml diff --git a/.github/workflows/docker-run.yml b/.github/workflows/docker-run.yml index 0d4423d..d5340e3 100644 --- a/.github/workflows/docker-run.yml +++ b/.github/workflows/docker-run.yml @@ -7,9 +7,9 @@ on: types: - completed - # Uncomment below to schedule your job + # UTC时间,对应Beijing时间 9:30 # schedule: - # - cron: "00 01 * * *" + # - cron: "30 1 * * *" jobs: container-test-job: @@ -17,7 +17,10 @@ jobs: container: image: enwaiax/smzdm_bot env: - SMZDM_COOKIE: ${{ secrets.SMZDM_COOKIE }} + ANDROID_COOKIE: ${{ secrets.ANDROID_COOKIE }} + TOKEN: ${{ secrets.TOKEN }} + SK: ${{ secrets.SK }} + USER_AGENT: ${{ secrets.USER_AGENT }} PUSH_PLUS_TOKEN: ${{ secrets.PUSH_PLUS_TOKEN }} SC_KEY: ${{ secrets.SC_KEY }} TG_BOT_TOKEN: ${{ secrets.TG_BOT_TOKEN }} diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml deleted file mode 100644 index defef8a..0000000 --- a/.github/workflows/run.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: "SMZDM Check-in Bot" - -on: - workflow_dispatch: - - # 取消下面两行注释,务必自行更改为随机时间 - # schedule: - # - cron: "30 1 * * *" - -env: - TZ: Asia/Shanghai - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: true - - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: 3.9 - - - name: Install requirements - run: | - pip install -r requirements.txt - - - name: Working - env: - SMZDM_COOKIE: ${{ secrets.SMZDM_COOKIE }} - PUSH_PLUS_TOKEN: ${{ secrets.PUSH_PLUS_TOKEN }} - SC_KEY: ${{ secrets.SC_KEY }} - TG_BOT_TOKEN: ${{ secrets.TG_BOT_TOKEN }} - TG_USER_ID: ${{ secrets.TG_USER_ID }} - run: python main.py diff --git a/Dockerfile b/Dockerfile index 9c526dd..283ab79 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,18 +1,17 @@ FROM python:alpine as builder -RUN apk update && apk add --no-cache tzdata alpine-sdk libffi-dev ca-certificates +RUN apk update && apk add --no-cache tzdata ca-certificates ADD requirements.txt /tmp/ -RUN pip3 install --user -r /tmp/requirements.txt && rm /tmp/requirements.txt +RUN pip3 install --user -r /tmp/requirements.txt FROM python:alpine WORKDIR /smzdm_bot ENV TZ=Asia/Shanghai -RUN apk update && apk add --no-cache ffmpeg vnstat COPY --from=builder /root/.local /usr/local COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo COPY . /smzdm_bot -CMD python scheduler.py +CMD [ "python", "scheduler.py" ] diff --git a/README.md b/README.md index 1133317..b667484 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ ## 1. 实现功能 - `什么值得买`每日签到 -- Github Action(两种配置方式,直接运行或者调用 Docker 运行), **务必自行更改为随机时间** +- Github Action 定时执行, **务必自行更改为随机时间** - 本地 Docker 定时运行 - 通过`pushplus`推送运行结果到微信(不推荐) - 通过`server酱`推送运行结果到微信 @@ -19,25 +19,20 @@ ## 2. 使用方法 -### 2.1 Git action 运行 +### 2.1 Git Action 运行 **务必自行更改为随机时间** -1. Fork[此仓库项目](https://github.com/Chasing66/smzdm_bot)>点击右上角 Fork 按钮即可, 欢迎点`star`~ -2. 修改 `.github/workflows/run.yml`里的下面部分, 取消注释,修改为你自己的时间 +1. Fork[此仓库项目](https://github.com/Chasing66/smzdm_bot)>, 欢迎`star`~ +2. 修改 `.github/workflows/docker-run.yml`里的下面部分, 取消`schedule`两行的注释,自行设定时间 ```yaml -name: "SMZDM Check-in Bot" - -on: - workflow_dispatch: - - # UTC时间,对应Beijing时间 9:30 - schedule: - - cron: "30 1 * * *" +# UTC时间,对应Beijing时间 9:30 +schedule: + - cron: "30 1 * * *" ``` -3. Secret 新增`SMZDM_COOKIE`, 填入[什么值得买官网](https://www.smzdm.com/)获取的 Cookie 信息, [详见](#31-Cookie获取方法) +3. Secret 新增`ANDROID_COOKIE`,`SK` ,`USER_AGENT`,`TOKEN` [方法详见](#31-手机抓包) 4. (可选) Secret 新增`PUSH_PLUS_TOKEN`用于推送通知, [详见](https://www.pushplus.plus/) 5. (可选) Secret 新增`SC_KEY`用于推送通知, [详见](https://sct.ftqq.com/) 6. (可选) Secret 新增`TG_BOT_TOKEN` 和`TG_USER_ID`用于推送通知 @@ -45,11 +40,7 @@ on: ### 2.2 本地运行 -配置`config.toml`运行, 生成`config/config_example.toml`并按照需求配置 - -``` -cp config/config_example.toml config/config.toml -``` +复制`config/config_example.toml`为`config/config.toml`,并按照需求配置 ### 2.3 本地 docker 运行 @@ -58,30 +49,36 @@ cp config/config_example.toml config/config.toml 本地生成一个`.env` 文件, 用于配置 docker-compose.yml 运行所需要的环境变量, 如下: ``` -SMZDM_COOKIE= -PUSH_PLUS_TOKEN= -SC_KEY= -TG_BOT_TOKEN= -TG_USER_ID= -# 定时设定(可选), 若没有设定则随机定时执行 +# Cookie +USER_AGENT = "" +ANDROID_COOKIE = "" +SK = "" +TOKEN = "" + +# Notification +PUSH_PLUS_TOKEN = "" +SC_KEY = "" +TG_BOT_TOKEN = "" +TG_USER_ID = "" + +# 定时设定(可选), 若未设定则随机定时执行 SCH_HOUR= SCH_MINUTE= ``` -### 2.4 使用 Cookie Editor - -也可以使用浏览器扩展 [Cookie Editor](https://microsoftedge.microsoft.com/addons/detail/cookie-editor/oaaopmblghnnjfgbgmflnkjkilhihdpb)导出 cookies, 另存为`cookies.json`在项目的根目录 - ## 3. 其它 -### 3.1 Cookie 获取方法 +### 3.1 手机抓包 -- 使用 Chrome 浏览器访问[什么值得买官网](https://www.smzdm.com/), 登录账号 -- 打开开发者工具 (Windows 快捷键`F12`, MacOS 快捷键`option + command + i`) -- 选择 Network, 刷新页面, 选择第一个`www.smzdm.com`, 找到`Requests Headers`里的`Cookie` +抓包工具可使用 HttpCanary,教程参考[HttpCanary 抓包](https://juejin.cn/post/7177682063699968061) + +1. 按照上述教程配置好 HttpCanary +2. 开始抓包,并打开什么值得买 APP +3. 过滤域名为`user-api.smzdm.com`的 post 请求 ## 更新日志 - 2022-12-08, 签到失败,浏览器端签到需要滑动验证码认证 - 2023-01-11, 更改`User-Agent`为`iPhone`后可`bypass`滑块认证 - 2023-01-14, 登录认证失败, 签到失效 +- 2023-02-18, 通过安卓端验证登录,感谢[jzksnsjswkw/smzdm-app](https://github.com/jzksnsjswkw/smzdm-app)的思路。旧版代码查看[old](https://github.com/Chasing66/smzdm_bot/tree/old)分支 diff --git a/config/config_example.toml b/config/config_example.toml index efa5f28..55affbc 100644 --- a/config/config_example.toml +++ b/config/config_example.toml @@ -1,8 +1,11 @@ # Cookie -SMZDM_COOKIE = '' +USER_AGENT = "" +ANDROID_COOKIE = "" +SK = "" +TOKEN = "" # Notification -PUSH_PLUS_TOKEN = '' -SC_KEY = '' -TG_BOT_TOKEN = '' -TG_USER_ID = '' \ No newline at end of file +PUSH_PLUS_TOKEN = "" +SC_KEY = "" +TG_BOT_TOKEN = "" +TG_USER_ID = "" diff --git a/main.py b/main.py index f6b7bec..bfe658d 100644 --- a/main.py +++ b/main.py @@ -1,6 +1,8 @@ -import json +import hashlib import os +import random import sys +import time from pathlib import Path import prettytable as pt @@ -13,55 +15,63 @@ from utils.file_helper import TomlHelper CURRENT_PATH = Path(__file__).parent.resolve() CONFIG_PATH = Path(CURRENT_PATH, "config") -MANUAL_ERR_MSG = "签到失败,请从浏览器手动签到一次,并更新cookies" -USER_AGENT = ( - "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) " - "AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 " - "Mobile/15E148 Safari/604.1 Edg/108.0.0.0" -) +class SmzdmBot(object): + KEY = "apr1$AwP!wRRT$gJ/q.X24poeBInlUJC" -class SMZDM_Bot(object): - - DEFAULT_HEADERS = { - "Accept": "*/*", - "Accept-Encoding": "gzip, deflate, br", - "Accept-Language": "zh-CN,zh;q=0.9", - "Connection": "keep-alive", - "Host": "zhiyou.smzdm.com", - "Referer": "https://www.smzdm.com/", - "Sec-Fetch-Dest": "script", - "Sec-Fetch-Mode": "no-cors", - "Sec-Fetch-Site": "same-site", - "User-Agent": USER_AGENT, - } - - def __init__(self): + def __init__(self, conf_kwargs: dict): + self.conf_kwargs = conf_kwargs self.session = requests.Session() - self.session.headers = self.DEFAULT_HEADERS + self.start_timestamp = int(time.time()) + self._set_header() - def update_cookies(self, cookies): - self.session.cookies.update(cookies) + def _set_header(self): + request_key = f"{random.randint(10000000, 100000000) * 10000000000 + self.start_timestamp}" + headers = { + "user-agent": self.conf_kwargs.get("USER_AGENT"), + "request_key": request_key, + "cookie": self.conf_kwargs.get("ANDROID_COOKIE"), + "content-type": "application/x-www-form-urlencoded", + } + self.session.headers = headers - def set_cookies(self, cookies): - self.session.headers["Cookie"] = cookies + def _data(self): + time = self.start_timestamp * 1000 + sk = self.conf_kwargs.get("SK") + token = self.conf_kwargs.get("TOKEN") + sign_str = f"f=android&sk={sk}&time={time}&token={token}&v=10.4.20&weixin=1&key={self.KEY}" + sign = self._str_to_md5(sign_str).upper() + data = { + "weixin": "1", + "captcha": "", + "f": "android", + "v": "10.4.20", + "sk": sk, + "sign": sign, + "touchstone_event": "", + "time": time, + "token": token, + } + return data + + def _str_to_md5(self, m: str): + return hashlib.md5(m.encode()).hexdigest() def checkin(self): - url = "https://zhiyou.smzdm.com/user/checkin/jsonp_checkin" - resp = self.session.get(url) - if resp.status_code == 200 and resp.json()["error_code"] == 0: + url = "https://user-api.smzdm.com/checkin" + data = self._data() + resp = self.session.post(url, data) + if resp.status_code == 200 and int(resp.json()["error_code"]) == 0: resp_data = resp.json()["data"] - checkin_num = resp_data["checkin_num"] - days_of_week = resp_data["continue_checkin_days"] - gold = resp_data["gold"] - point = resp_data["point"] - exp = resp_data["exp"] + checkin_num = resp_data["daily_num"] + gold = resp_data["cgold"] + point = resp_data["cpoints"] + exp = resp_data["cexperience"] rank = resp_data["rank"] cards = resp_data["cards"] tb = pt.PrettyTable() - tb.field_names = ["签到天数", "连续签到", "金币", "积分", "经验", "等级", "补签卡"] - tb.add_row([checkin_num, days_of_week, - gold, point, exp, rank, cards]) + tb.field_names = ["签到天数", "金币", "积分", "经验", "等级", "补签卡"] + tb.add_row([checkin_num, gold, point, exp, rank, cards]) logger.info(f"\n{tb}") msg = f"""⭐签到成功{checkin_num}天 🏅金币{gold} @@ -72,47 +82,35 @@ class SMZDM_Bot(object): return msg else: logger.error("Faile to sign in") - msg = MANUAL_ERR_MSG + msg = "Fail to login in" return msg def main(): - smzdm_bot = SMZDM_Bot() conf_kwargs = {} if Path.exists(Path(CONFIG_PATH, "config.toml")): logger.info("Get configration from config.toml") conf_kwargs = TomlHelper(Path(CONFIG_PATH, "config.toml")).read() - SMZDM_COOKIE = conf_kwargs.get( - "SMZDM_COOKIE").encode("UTF-8").decode("latin-1") - smzdm_bot.set_cookies(SMZDM_COOKIE) - elif os.environ.get("SMZDM_COOKIE", None): + elif os.environ.get("ANDROID_COOKIES", None): logger.info("Get configration from env") conf_kwargs = { - "SMZDM_COOKIE": os.environ.get("SMZDM_COOKIE"), + "USER_AGENT": os.environ.get("USER_AGENT"), + "SK": os.environ.get("SK"), + "ANDROID_COOKIE": os.environ.get("ANDROID_COOKIE"), + "TOKEN": os.environ.get("TOKEN"), "PUSH_PLUS_TOKEN": os.environ.get("PUSH_PLUS_TOKEN", None), "SC_KEY": os.environ.get("SC_KEY", None), "TG_BOT_TOKEN": os.environ.get("TG_BOT_TOKEN", None), "TG_USER_ID": os.environ.get("TG_USER_ID", None), "TG_BOT_API": os.environ.get("TG_BOT_API", None), } - SMZDM_COOKIE = conf_kwargs.get( - "SMZDM_COOKIE").encode("UTF-8").decode("latin-1") - smzdm_bot.set_cookies(SMZDM_COOKIE) - elif Path.exists(Path(CONFIG_PATH, "cookies.json")): - logger.info("Load cookis from cookies.json") - with open(Path(CONFIG_PATH, "cookies.json", "r")) as f: - cookies = json.load(f) - smzdm_cookies = {} - for cookie in cookies: - smzdm_cookies.update({cookie["name"]: cookie["value"]}) - smzdm_bot.update_cookies(smzdm_cookies) else: - logger.info("Fail to get SMZDM_COOKIE, exit") + logger.info("Please set cookies first") sys.exit(1) - msg = smzdm_bot.checkin() + msg = SmzdmBot(conf_kwargs).checkin() NotifyBot(content=msg, **conf_kwargs) - if msg == MANUAL_ERR_MSG: + if msg == "Fail to login in": logger.error("Fail the Github action job") sys.exit(1)