Use mobile for authentication

2026-02-03 11:03:15 +08:00 · 2023-02-18 23:28:29 +08:00
parent 8703b4eb81
commit 6c971ccb49
6 changed files with 104 additions and 142 deletions
--- a/.github/workflows/docker-run.yml
+++ b/.github/workflows/docker-run.yml
@@ -7,9 +7,9 @@ on:
    types:
      - completed

-  # Uncomment below to schedule your job
+  # UTC时间，对应Beijing时间 9：30
  # schedule:
-  #   - cron: "00 01 * * *"
+  #   - cron: "30 1 * * *"

 jobs:
  container-test-job:
@@ -17,7 +17,10 @@ jobs:
    container:
      image: enwaiax/smzdm_bot
      env:
-        SMZDM_COOKIE: ${{ secrets.SMZDM_COOKIE }}
+        ANDROID_COOKIE: ${{ secrets.ANDROID_COOKIE }}
+        TOKEN: ${{ secrets.TOKEN }}
+        SK: ${{ secrets.SK }}
+        USER_AGENT: ${{ secrets.USER_AGENT }}
        PUSH_PLUS_TOKEN: ${{ secrets.PUSH_PLUS_TOKEN }}
        SC_KEY: ${{ secrets.SC_KEY }}
        TG_BOT_TOKEN: ${{ secrets.TG_BOT_TOKEN }}
--- a/.github/workflows/run.yml
+++ b/.github/workflows/run.yml
@@ -1,38 +0,0 @@
-name: "SMZDM Check-in Bot"
-
-on:
-  workflow_dispatch:
-
-  # 取消下面两行注释，务必自行更改为随机时间
-  # schedule:
-  #   - cron: "30 1 * * *"
-
-env:
-  TZ: Asia/Shanghai
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          submodules: true
-
-      - name: Set up Python
-        uses: actions/setup-python@v4
-        with:
-          python-version: 3.9
-
-      - name: Install requirements
-        run: |
-          pip install -r requirements.txt
-
-      - name: Working
-        env:
-          SMZDM_COOKIE: ${{ secrets.SMZDM_COOKIE }}
-          PUSH_PLUS_TOKEN: ${{ secrets.PUSH_PLUS_TOKEN }}
-          SC_KEY: ${{ secrets.SC_KEY }}
-          TG_BOT_TOKEN: ${{ secrets.TG_BOT_TOKEN }}
-          TG_USER_ID: ${{ secrets.TG_USER_ID }}
-        run: python main.py
--- a/7
+++ b/7
@@ -1,18 +1,17 @@
 FROM python:alpine as builder

-RUN apk update && apk add  --no-cache tzdata alpine-sdk libffi-dev ca-certificates
+RUN apk update && apk add  --no-cache tzdata ca-certificates
 ADD requirements.txt /tmp/
-RUN pip3 install --user -r /tmp/requirements.txt && rm /tmp/requirements.txt
+RUN pip3 install --user -r /tmp/requirements.txt


 FROM python:alpine
 WORKDIR /smzdm_bot
 ENV TZ=Asia/Shanghai

-RUN apk update && apk add  --no-cache ffmpeg vnstat
 COPY --from=builder /root/.local /usr/local
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
 COPY . /smzdm_bot

-CMD python scheduler.py
+CMD [ "python", "scheduler.py" ]
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@
 ## 1. 实现功能

 - `什么值得买`每日签到
- Github Action(两种配置方式，直接运行或者调用 Docker 运行), **务必自行更改为随机时间**
+- Github Action 定时执行, **务必自行更改为随机时间**
 - 本地 Docker 定时运行
 - 通过`pushplus`推送运行结果到微信(不推荐)
 - 通过`server酱`推送运行结果到微信
@@ -19,25 +19,20 @@

 ## 2. 使用方法

-### 2.1 Git action 运行
+### 2.1 Git Action 运行

 **务必自行更改为随机时间**

-1. Fork[此仓库项目](https://github.com/Chasing66/smzdm_bot)>点击右上角 Fork 按钮即可, 欢迎点`star`~
-2. 修改 `.github/workflows/run.yml`里的下面部分, 取消注释，修改为你自己的时间
+1. Fork[此仓库项目](https://github.com/Chasing66/smzdm_bot)>, 欢迎`star`~
+2. 修改 `.github/workflows/docker-run.yml`里的下面部分, 取消`schedule`两行的注释，自行设定时间

 ```yaml
-name: "SMZDM Check-in Bot"
-
-on:
-  workflow_dispatch:
-
-  # UTC时间，对应Beijing时间 9：30
-  schedule:
-    - cron: "30 1 * * *"
+# UTC时间，对应Beijing时间 9：30
+schedule:
+  - cron: "30 1 * * *"
 ```

-3. Secret 新增`SMZDM_COOKIE`, 填入[什么值得买官网](https://www.smzdm.com/)获取的 Cookie 信息, [详见](#31-Cookie获取方法)
+3. Secret 新增`ANDROID_COOKIE`,`SK` ,`USER_AGENT`，`TOKEN` [方法详见](#31-手机抓包)
 4. (可选) Secret 新增`PUSH_PLUS_TOKEN`用于推送通知, [详见](https://www.pushplus.plus/)
 5. (可选) Secret 新增`SC_KEY`用于推送通知, [详见](https://sct.ftqq.com/)
 6. (可选) Secret 新增`TG_BOT_TOKEN` 和`TG_USER_ID`用于推送通知
@@ -45,11 +40,7 @@ on:

 ### 2.2 本地运行

-配置`config.toml`运行, 生成`config/config_example.toml`并按照需求配置
-
-```
-cp config/config_example.toml config/config.toml
-```
+复制`config/config_example.toml`为`config/config.toml`，并按照需求配置

 ### 2.3 本地 docker 运行

@@ -58,30 +49,36 @@ cp config/config_example.toml config/config.toml
 本地生成一个`.env` 文件, 用于配置 docker-compose.yml 运行所需要的环境变量， 如下:

 ```
-SMZDM_COOKIE=
-PUSH_PLUS_TOKEN=
-SC_KEY=
-TG_BOT_TOKEN=
-TG_USER_ID=
-# 定时设定(可选)， 若没有设定则随机定时执行
+# Cookie
+USER_AGENT = ""
+ANDROID_COOKIE = ""
+SK = ""
+TOKEN = ""
+
+# Notification
+PUSH_PLUS_TOKEN = ""
+SC_KEY = ""
+TG_BOT_TOKEN = ""
+TG_USER_ID = ""
+
+# 定时设定(可选)， 若未设定则随机定时执行
 SCH_HOUR=
 SCH_MINUTE=
 ```

-### 2.4 使用 Cookie Editor
-
-也可以使用浏览器扩展 [Cookie Editor](https://microsoftedge.microsoft.com/addons/detail/cookie-editor/oaaopmblghnnjfgbgmflnkjkilhihdpb)导出 cookies, 另存为`cookies.json`在项目的根目录
-
 ## 3. 其它

-### 3.1 Cookie 获取方法
+### 3.1 手机抓包

- 使用 Chrome 浏览器访问[什么值得买官网](https://www.smzdm.com/), 登录账号
- 打开开发者工具 (Windows 快捷键`F12`, MacOS 快捷键`option + command + i`)
- 选择 Network, 刷新页面, 选择第一个`www.smzdm.com`, 找到`Requests Headers`里的`Cookie`
+抓包工具可使用 HttpCanary，教程参考[HttpCanary 抓包](https://juejin.cn/post/7177682063699968061)
+
+1. 按照上述教程配置好 HttpCanary
+2. 开始抓包，并打开什么值得买 APP
+3. 过滤域名为`user-api.smzdm.com`的 post 请求

 ## 更新日志

 - 2022-12-08, 签到失败，浏览器端签到需要滑动验证码认证
 - 2023-01-11, 更改`User-Agent`为`iPhone`后可`bypass`滑块认证
 - 2023-01-14, 登录认证失败, 签到失效
+- 2023-02-18, 通过安卓端验证登录，感谢[jzksnsjswkw/smzdm-app](https://github.com/jzksnsjswkw/smzdm-app)的思路。旧版代码查看[old](https://github.com/Chasing66/smzdm_bot/tree/old)分支
--- a/config/config_example.toml
+++ b/config/config_example.toml
@@ -1,8 +1,11 @@
 # Cookie
-SMZDM_COOKIE = ''
+USER_AGENT = ""
+ANDROID_COOKIE = ""
+SK = ""
+TOKEN = ""

 # Notification
-PUSH_PLUS_TOKEN = ''
-SC_KEY = ''
-TG_BOT_TOKEN = ''
-TG_USER_ID = ''
+PUSH_PLUS_TOKEN = ""
+SC_KEY = ""
+TG_BOT_TOKEN = ""
+TG_USER_ID = ""
--- a/main.py
+++ b/main.py
@@ -1,6 +1,8 @@
-import json
+import hashlib
 import os
+import random
 import sys
+import time
 from pathlib import Path

 import prettytable as pt
@@ -13,55 +15,63 @@ from utils.file_helper import TomlHelper
 CURRENT_PATH = Path(__file__).parent.resolve()
 CONFIG_PATH = Path(CURRENT_PATH, "config")

-MANUAL_ERR_MSG = "签到失败,请从浏览器手动签到一次,并更新cookies"
-USER_AGENT = (
-    "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) "
-    "AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 "
-    "Mobile/15E148 Safari/604.1 Edg/108.0.0.0"
-)

+class SmzdmBot(object):
+    KEY = "apr1$AwP!wRRT$gJ/q.X24poeBInlUJC"

-class SMZDM_Bot(object):
-
-    DEFAULT_HEADERS = {
-        "Accept": "*/*",
-        "Accept-Encoding": "gzip, deflate, br",
-        "Accept-Language": "zh-CN,zh;q=0.9",
-        "Connection": "keep-alive",
-        "Host": "zhiyou.smzdm.com",
-        "Referer": "https://www.smzdm.com/",
-        "Sec-Fetch-Dest": "script",
-        "Sec-Fetch-Mode": "no-cors",
-        "Sec-Fetch-Site": "same-site",
-        "User-Agent": USER_AGENT,
-    }
-
-    def __init__(self):
+    def __init__(self, conf_kwargs: dict):
+        self.conf_kwargs = conf_kwargs
        self.session = requests.Session()
-        self.session.headers = self.DEFAULT_HEADERS
+        self.start_timestamp = int(time.time())
+        self._set_header()

-    def update_cookies(self, cookies):
-        self.session.cookies.update(cookies)
+    def _set_header(self):
+        request_key = f"{random.randint(10000000, 100000000) * 10000000000 + self.start_timestamp}"
+        headers = {
+            "user-agent": self.conf_kwargs.get("USER_AGENT"),
+            "request_key": request_key,
+            "cookie": self.conf_kwargs.get("ANDROID_COOKIE"),
+            "content-type": "application/x-www-form-urlencoded",
+        }
+        self.session.headers = headers

-    def set_cookies(self, cookies):
-        self.session.headers["Cookie"] = cookies
+    def _data(self):
+        time = self.start_timestamp * 1000
+        sk = self.conf_kwargs.get("SK")
+        token = self.conf_kwargs.get("TOKEN")
+        sign_str = f"f=android&sk={sk}&time={time}&token={token}&v=10.4.20&weixin=1&key={self.KEY}"
+        sign = self._str_to_md5(sign_str).upper()
+        data = {
+            "weixin": "1",
+            "captcha": "",
+            "f": "android",
+            "v": "10.4.20",
+            "sk": sk,
+            "sign": sign,
+            "touchstone_event": "",
+            "time": time,
+            "token": token,
+        }
+        return data
+
+    def _str_to_md5(self, m: str):
+        return hashlib.md5(m.encode()).hexdigest()

    def checkin(self):
-        url = "https://zhiyou.smzdm.com/user/checkin/jsonp_checkin"
-        resp = self.session.get(url)
-        if resp.status_code == 200 and resp.json()["error_code"] == 0:
+        url = "https://user-api.smzdm.com/checkin"
+        data = self._data()
+        resp = self.session.post(url, data)
+        if resp.status_code == 200 and int(resp.json()["error_code"]) == 0:
            resp_data = resp.json()["data"]
-            checkin_num = resp_data["checkin_num"]
-            days_of_week = resp_data["continue_checkin_days"]
-            gold = resp_data["gold"]
-            point = resp_data["point"]
-            exp = resp_data["exp"]
+            checkin_num = resp_data["daily_num"]
+            gold = resp_data["cgold"]
+            point = resp_data["cpoints"]
+            exp = resp_data["cexperience"]
            rank = resp_data["rank"]
            cards = resp_data["cards"]
            tb = pt.PrettyTable()
-            tb.field_names = ["签到天数", "连续签到", "金币", "积分", "经验", "等级", "补签卡"]
-            tb.add_row([checkin_num, days_of_week,
-                       gold, point, exp, rank, cards])
+            tb.field_names = ["签到天数", "金币", "积分", "经验", "等级", "补签卡"]
+            tb.add_row([checkin_num, gold, point, exp, rank, cards])
            logger.info(f"\n{tb}")
            msg = f"""⭐签到成功{checkin_num}天
            🏅金币{gold}
@@ -72,47 +82,35 @@ class SMZDM_Bot(object):
            return msg
        else:
            logger.error("Faile to sign in")
-            msg = MANUAL_ERR_MSG
+            msg = "Fail to login in"
            return msg


 def main():
-    smzdm_bot = SMZDM_Bot()
    conf_kwargs = {}

    if Path.exists(Path(CONFIG_PATH, "config.toml")):
        logger.info("Get configration from config.toml")
        conf_kwargs = TomlHelper(Path(CONFIG_PATH, "config.toml")).read()
-        SMZDM_COOKIE = conf_kwargs.get(
-            "SMZDM_COOKIE").encode("UTF-8").decode("latin-1")
-        smzdm_bot.set_cookies(SMZDM_COOKIE)
-    elif os.environ.get("SMZDM_COOKIE", None):
+    elif os.environ.get("ANDROID_COOKIES", None):
        logger.info("Get configration from env")
        conf_kwargs = {
-            "SMZDM_COOKIE": os.environ.get("SMZDM_COOKIE"),
+            "USER_AGENT": os.environ.get("USER_AGENT"),
+            "SK": os.environ.get("SK"),
+            "ANDROID_COOKIE": os.environ.get("ANDROID_COOKIE"),
+            "TOKEN": os.environ.get("TOKEN"),
            "PUSH_PLUS_TOKEN": os.environ.get("PUSH_PLUS_TOKEN", None),
            "SC_KEY": os.environ.get("SC_KEY", None),
            "TG_BOT_TOKEN": os.environ.get("TG_BOT_TOKEN", None),
            "TG_USER_ID": os.environ.get("TG_USER_ID", None),
            "TG_BOT_API": os.environ.get("TG_BOT_API", None),
        }
-        SMZDM_COOKIE = conf_kwargs.get(
-            "SMZDM_COOKIE").encode("UTF-8").decode("latin-1")
-        smzdm_bot.set_cookies(SMZDM_COOKIE)
-    elif Path.exists(Path(CONFIG_PATH, "cookies.json")):
-        logger.info("Load cookis from cookies.json")
-        with open(Path(CONFIG_PATH, "cookies.json", "r")) as f:
-            cookies = json.load(f)
-        smzdm_cookies = {}
-        for cookie in cookies:
-            smzdm_cookies.update({cookie["name"]: cookie["value"]})
-        smzdm_bot.update_cookies(smzdm_cookies)
    else:
-        logger.info("Fail to get SMZDM_COOKIE, exit")
+        logger.info("Please set cookies first")
        sys.exit(1)
-    msg = smzdm_bot.checkin()
+    msg = SmzdmBot(conf_kwargs).checkin()
    NotifyBot(content=msg, **conf_kwargs)
-    if msg == MANUAL_ERR_MSG:
+    if msg == "Fail to login in":
        logger.error("Fail the Github action job")
        sys.exit(1)