XJTU图书馆抢座位脚本--requests库

起因

图书馆逐渐严格,早上总不能每天六点起来预约吧,写脚本势在必行

关键点

上次那个web driver很不靠谱,速度慢还非内存,么的灵魂,这次直接request了,麻烦就麻烦点吧。感谢宗练61何咕咕同学的ehall登陆脚本,我参考ehall的认证写掉了图书馆的两层认证。

下面说关键点

前端加密

这里参考何咕咕的代码,对称加密,前端扒出来的。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

def encrypt_pwd(raw_pwd, publicKey='0725@pwdorgopenp'):
''' AES-ECB encrypt '''
publicKey = publicKey.encode('utf-8')
# pkcs7 padding
BS = AES.block_size
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
pwd = pad(raw_pwd)
# zero padding
'''
pwd = raw_pwd
while len(raw_pwd.encode('utf-8')) % 16 != 0:
pwd += '\0'
'''
cipher = AES.new(publicKey, AES.MODE_ECB)
pwd = cipher.encrypt(pwd.encode('utf-8'))
return str(base64.b64encode(pwd), encoding='utf-8')

不加密也行,直接把自己通信时候发送的报抓住就行,反正加密是前端的。测试过,可行。

XJTU CAS认证

鬼知道这里我搞了多久,几乎一半的时间都在搞这里的跳转,没有任何技术,就是要理清认证的思路,三层还是四次跳转就完事,请求的接口均是通信中抓的。

1
2
3
4
5
6
7
8
9
10
11

url = 'https://org.xjtu.edu.cn/openplatform/g/admin/login'
cookie = {
'cur_appId_':'JL4oKidbLpQ='
}
data = {
"loginType": 1,
"username": self.config['username'],
"pwd": encrypt_pwd(self.config['password']),
"jcaptchaCode": ""
}

这里的appid是图书馆预约的id,如果同学要用其他的应用,这里必须改,因为我用何咕咕的代码直接就登录到ehall了。

中间的通信有些过程我是直接按照自己的账号邮箱写死了,其他账号可能需要改一改

预定座位的crsf_token

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

def reserve(self,kid,sp):
r = self.session.get('http://rg.lib.xjtu.edu.cn:8010/ruguan')#入关
#print('--------------------------')
nn = r.text.find('<input id="csrf_token" name="csrf_token" type="hidden" value=')
tok = r.text[nn+1+len('<input id="csrf_token" name="csrf_token" type="hidden" value='):nn+56+len('<input id="csrf_token" name="csrf_token" type="hidden" value=')]
#print(r.text[nn+1+len('<input id="csrf_token" name="csrf_token" type="hidden" value='):nn+56+len('<input id="csrf_token" name="csrf_token" type="hidden" value=')])
data={
'csrf_token':tok,
'csrf_token':tok,
'service':'seat',
'submit':'%E6%8F%90%E4%BA%A4',
'rplace':'east'
}#入馆post,比较麻烦
r = self.session.post('http://rg.lib.xjtu.edu.cn:8010/ruguan',data = data)#提交

r = self.session.get('http://rg.lib.xjtu.edu.cn:8010/seat/?kid='+kid+'&sp='+sp)
#print(r.text)
return r.status_code

比较离谱,我直接字符串查找了,不会正则表达式,emmm,这个token是预约时候独立的,很不错。

结尾

终于花了两天时间吧XJTU的CAS搞清楚了,之后也可以去写更多的脚本了,之前许多脚本都是卡在了登录认证这里。

效果还不错,至少可以去图书馆了,使用方法,早上六点给个定时任务运行抢座,中午睡起来脚本捡漏,有人离开就直接抢过来,美滋滋。

全部代码

test.py

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#!/usr/bin/env python3
import os
import time
import json
import base64
import requests
from Crypto.Cipher import AES
import re

class XJTUUser(object):

def __init__(self, config_file_path='./config.json'):
with open(config_file_path) as config_file:
config = json.loads(config_file.read())
self.config = config
self.is_login = False
self.session = requests.Session()
self.session.headers.update(config['headers'])
self.session.cookies.update(config['cookies'])

def login(self):
def reserve(self,kid,sp):
r = self.session.get('http://rg.lib.xjtu.edu.cn:8010/ruguan')#入关
#print('--------------------------')
nn = r.text.find('<input id="csrf_token" name="csrf_token" type="hidden" value=')
tok = r.text[nn+1+len('<input id="csrf_token" name="csrf_token" type="hidden" value='):nn+56+len('<input id="csrf_token" name="csrf_token" type="hidden" value=')]
#print(r.text[nn+1+len('<input id="csrf_token" name="csrf_token" type="hidden" value='):nn+56+len('<input id="csrf_token" name="csrf_token" type="hidden" value=')])
data={
'csrf_token':tok,
'csrf_token':tok,
'service':'seat',
'submit':'%E6%8F%90%E4%BA%A4',
'rplace':'east'
}#入关post,比较麻烦
r = self.session.post('http://rg.lib.xjtu.edu.cn:8010/ruguan',data = data)#提交

r = self.session.get('http://rg.lib.xjtu.edu.cn:8010/seat/?kid='+kid+'&sp='+sp)
#print(r.text)
return r.status_code
def encrypt_pwd(raw_pwd, publicKey='0725@pwdorgopenp'):
''' AES-ECB encrypt '''
publicKey = publicKey.encode('utf-8')
# pkcs7 padding
BS = AES.block_size
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
pwd = pad(raw_pwd)
# zero padding
'''
pwd = raw_pwd
while len(raw_pwd.encode('utf-8')) % 16 != 0:
pwd += '\0'
'''
cipher = AES.new(publicKey, AES.MODE_ECB)
pwd = cipher.encrypt(pwd.encode('utf-8'))
return str(base64.b64encode(pwd), encoding='utf-8')

_headers = self.config['headers']
_headers['Content-Type'] = 'application/x-www-form-urlencoded'

# start with 302 redirection from ehall
_r = self.session.get('http://rg.lib.xjtu.edu.cn:8010/auth/login/?next=%2Fseat%2F')

# get cookie route
self.session.get('https://org.xjtu.edu.cn/openplatform/login.html')

# get JcaptchaCode and cookie JSESSIONID & sid_code
r_JcaptchaCode = self.session.post('https://org.xjtu.edu.cn/openplatform/g/admin/getJcaptchaCode',
headers=_headers)

# is_JcaptchaCode_show
url = 'https://org.xjtu.edu.cn/openplatform/g/admin/getIsShowJcaptchaCode'
params = {
'userName': self.config['username'],
'_': str(int(time.time() * 1000))
}
r = self.session.get(url, params=params, headers=_headers)
print(r.text)
# login
url = 'https://org.xjtu.edu.cn/openplatform/g/admin/login'
cookie = {
'cur_appId_':'JL4oKidbLpQ='
}
data = {
"loginType": 1,
"username": self.config['username'],
"pwd": encrypt_pwd(self.config['password']),
"jcaptchaCode": ""
}
_headers['Content-Type'] = 'application/json;charset=UTF-8'
r = self.session.post(url, data=json.dumps(data), headers=_headers,cookies=cookie)
print(r.text)
token = json.loads(r.text)['data']['tokenKey']

cookie = {
'cur_appId_':'JL4oKidbLpQ=',
'open_Platform_User' : token
}
r=self.session.get('http://org.xjtu.edu.cn/openplatform/oauth/auth/getRedirectUrl?userType=1&personNo=2176112723&_=1590998261976',cookies = cookie)
print(r.text)
r=self.session.get(json.loads(r.text)['data'])


r=self.session.get('http://rg.lib.xjtu.edu.cn:8080/bxusr/link.jsp?uid=gwy867718012&cn=%E9%83%AD%E7%8E%8B%E6%87%BF&employeeNumber=2176112723&depId=%E7%94%B5%E5%AD%90%E4%B8%8E%E4%BF%A1%E6%81%AF%E5%AD%A6%E9%83%A8&email=867718012@qq.com&mobile')
#这一行可能要改。。。。。。

#---------------------登陆成功------------------------
r_w3=self.session.get('http://rg.lib.xjtu.edu.cn:8010/qseat?sp=west3B')#兴庆区的,别的区得自行修改了
r_e3=self.session.get('http://rg.lib.xjtu.edu.cn:8010/qseat?sp=east3A')
#print('各层座位数量',end = '')
#print(json.loads(r_e3.text)['scount'])
s1 = json.loads(r_e3.text)['seat']
s2 = json.loads(r_w3.text)['seat']
#s.update(json.loads(r_w3.text)['seat'])/seat/?kid=015&sp=north4southwest
#print(s1,s2)




while(1):
for i in s1:
if s1[i] == 0:
print(i)
if reserve(self,i,'east3A') == 200:
print('三楼东侧侧你的座位号是'+i)
exit(0)
for i in s2:
if s2[i] == 0:
print(i)
if reserve(self,i,'west3B') == 200:
print('三楼西侧你的座位号是'+i)
exit(0)
time.sleep(2)


if __name__ == '__main__':
mixcro = XJTUUser()
mixcro.login()

config.json

1
2
3
4
5
6
7
8
{
"username": "",
"password": "",
"headers": {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
},
"cookies": {}
}
Donate
  • Copyright: Copyright is owned by the author. For commercial reprints, please contact the author for authorization. For non-commercial reprints, please indicate the source.
  • Copyrights © 2015-2024 galaxy
  • Visitors: | Views:

请我喝杯咖啡吧~

支付宝
微信