朋友想通过wap.10086.cn获取用户自己在中国移动的积分,我使用fiddler和chrome的开发工具分析了下整个登录过程。
访问touch.10086.cn,输入手机号和密码,会首先检测是否需要输入验证码。
之后会点击登录,会跳到login.10086.cn获取到artifact。
然后通过302到http://touch.10086.cn/i/v1/auth/getArtifact2?backUrl=http%3A%2F%2Ftouch.10086.cn%2Fi%2Fmobile%2Fhome.html&artifact=xxx,获取到jsessionid-echd-cpt-cmcc-jt
之后再请求http://touch.10086.cn/i/v1/point/sum/13911006135?time=2016630120927600&channel=02就可以得到用户的积分等信息
具体的代码是:
def get_score(self): inputCode = '' # 首页 url_home = "http://touch.10086.cn/" # 是否需要输入验证码 url_need_verify = "https://login.10086.cn/needVerifyCode.htm?account=" + str(self.username) + "×tamp=" + self.getFullTime() # 获取验证码 get_inputcode_url = 'https://login.10086.cn/captchazh.htm?type=10' url_login = "https://login.10086.cn/login.htm?accountType=01&pwdType=01&account=" + str(self.username) + "&password=" + str(self.passwd) + "&inputCode={inputCode}&backUrl=http%3A%2F%2Ftouch.10086.cn%2Fi%2Fmobile%2Fhome.html&rememberMe=0&channelID=12014&protocol=https%3A×tamp=" + self.getFullTime() # 获取jsession url_artifact = 'http://touch.10086.cn/i/v1/auth/getArtifact2?backUrl=http%3A%2F%2Ftouch.10086.cn%2Fi%2Fmobile%2Fhome.html&artifact={artifact}' # 欢迎页 url_welcome = "http://touch.10086.cn/i/mobile/home.html?welcome=" + self.getFullTime() # 获取积分url url_point = "http://touch.10086.cn/i/v1/point/sum/" + str(self.username) + "?time=" + self.getFullTime() + "&channel=02" # 退出登录 url_logout = "http://touch.10086.cn/i/v1/auth/userlogout?time=" + str(self.username) + "&channel=02" # 检查是否需要输入验证码 header = { 'User-Agent': self.userAgent, 'Cache-Control': 'no-cache', "Accept": "application/json, text/javascript, */*; q=0.01", 'Connection': 'Keep-Alive', 'Referer': 'https://login.10086.cn/html/login/touch.html?channelID=12014&backUrl=http://touch.10086.cn/i/mobile/home.html' } responeVerify = self.get_html(url_need_verify, headers=header) checkVerify = json.loads(responeVerify.read()) if checkVerify['needVerifyCode'] == '1': headerImg = { 'User-Agent': self.userAgent, 'Content-Type': 'image/jpeg', 'Cache-Control': 'no-cache', 'Accept': '*/*', 'Connection': 'Keep-Alive', 'Referer': 'https://login.10086.cn/html/login/touch.html?channelID=12014&backUrl=http://touch.10086.cn/i/mobile/home.html' } responseImg = self.get_html(get_inputcode_url, headers=headerImg) f = open('tmp/image.jpg', 'wb') f.write(responseImg.read()) f.close() inputCode = raw_input("请输入验证码") url_login = url_login.replace("{inputCode}", inputCode) # 获取artifact responeLogin = self.get_html(url_login, headers=header) loginInfo = json.loads(responeLogin.read()) if loginInfo['code'] != "0000": self.uuwise.reportError(code_id); print "验证失败" os._exit(0) # 获取jsession header = { 'User-Agent': self.userAgent, 'Cache-Control': 'no-cache', 'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", 'Connection': 'Keep-Alive', 'Referer': 'http://touch.10086.cn/i/mobile/home.html?welcome=' + self.getFullTime() } url_artifact = url_artifact.replace("{artifact}", loginInfo['artifact']) responseSession = self.get_html(url_artifact, headers=header) # 访问首页 responseWelcome = self.get_html(url_welcome, headers=header) # 获取积分 header = { 'User-Agent': self.userAgent, 'Cache-Control': 'no-cache', 'Accept': "application/json, text/javascript, */*; q=0.01", 'Connection': 'Keep-Alive', 'Referer': 'http://touch.10086.cn/i/mobile/home.html?welcome=' + self.getFullTime() } responsePoint = self.get_html(url_point, headers=header) pointInfo = json.loads(responsePoint.read()) # 退出登录 header = { 'User-Agent': self.userAgent, 'Cache-Control': 'no-cache', 'Accept': "application/json, text/javascript, */*; q=0.01", 'Connection': 'Keep-Alive', 'Referer': 'http://touch.10086.cn/i/mobile/home.html?welcome=' + self.getFullTime() } self.get_html(url_logout, headers=header) return pointInfo
未经许可,请勿转载