Fix cookie login #491
Merged
Fix cookie login #491
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Support captcha on twofactor path - Fix sid verification - Fix OAuth response parsing
python273
reviewed
Jul 2, 2023
| response = self.http.get(url) | ||
| elif 'redirect_uri' in response.url: | ||
| response = self.http.get(response.url) | ||
| auth_json = json.loads(search_re(RE_AUTH_TOKEN_URL, response.text)) |
Owner
There was a problem hiding this comment.
Hmm, on the first run it failed to parse it
Owner
There was a problem hiding this comment.
response status code is 429 Too Many Requests
Owner
There was a problem hiding this comment.
maybe need to add a delay between requests?
python273
reviewed
Jul 2, 2023
| } | ||
| ) | ||
|
|
||
| self.token = response.json()['response'] |
Owner
There was a problem hiding this comment.
And once failed with 🤔
{"error":{"error_code":5,"error_msg":"User authorization failed: access_token was given to another ip address","error_text":"Failed to connect to network. Please close the page and try again.",
python273
reviewed
Jul 2, 2023
|
|
||
| response = self.http.get('https://vk.com/feed2.php').json() | ||
| feed_url = 'https://vk.com/feed.php' | ||
| response = self.http.get(feed_url) |
Owner
There was a problem hiding this comment.
sometimes goes trough some redirects
0.49 GET https://vk.com/feed.php ... None 302 []
0.47 GET https://login.vk.com/?role=fast&_origin= ... None 302 []
0.18 GET https://vk.com/login.php?slogin_h= ... None 302 []
0.15 GET https://vk.com/feed.php ... None 200 []
Owner
|
And security check: It would be good to look into making it more reliable and check if possible to avoid all the redirects |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Woke up this morning and tried to log in.
Everything worked fine at the beginning, however it was constanly asking me for two-factor code. Well, I didn't care, but after a while the
statusvariable started to receive code 2, which indicated that I had to type in captcha code, I was getting the Recaptcha exception, so I had to fix this somehow. Someone suggested that using token-only auth should fix the issue, but later I needed to use an API that is only present in web version, so I needed a cookie login to get working.Using this wonderful repo I figured out what the fields in the response mean, added a captcha call in the code, and it started to pass after that.
However it wasn't enough. Although the remixsid was valid, I wasn't able to get the access_token in the _api_login function. I was getting a weird redirect to a webpage that had "grant" button. So with the help of Firefox's network logger I was able to reconstruct the algorithm, but it was painful to implement it in Python because
connect_internalmethod was giving me awrong_hosterror. After hours of checking for mistakes in the traffic I figured out that it looks atOrigin:header value - setting it explicitly toid.vk.comfixed the issue and I was finally able to log in!The only issue left is
check_sidfunction. It turns out thatfeed2.phpis completely broken now - it always gives you ID of -1 even though you logged in in the browser.feed.phpworks fine though - it redirects you to login page if you have incorrect credentials.