思路
测试1
1.如果到github的登录界面,清除一遍缓存之后请求,无法登录 422
登录界面是从login界面跳转的,说明login中存了一些内容(cookies)
获取authenticity_token与timestamp_secret
2.session为登录接口,携带相应的数据即可
代码
import requests
import re
username = 'xxxx'
password = 'xxxx'
url_login = 'https://github.com/login'
header = {
'User-Agent' :'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36',
}
login_response = requests.get(url=url_login, headers=header)
#获取authenticity_token与timestamp_secret,它存放在login界面中,登录需要此参数
authenticity_token = re.findall('<input type="hidden" name="authenticity_token" value="(.*?)" />',
login_response.text,
re.S)[0]
timestamp_secret = re.findall('<input type="hidden" name="timestamp_secret" value="(.*?)" class="form-control" />',
login_response.text,
re.S)[0]
print(authenticity_token)
print(timestamp_secret)
form_data = {
'commit': 'Sign in',
'utf8': '✓',
'authenticity_token': authenticity_token,
'ga_id': '765496688.1577703239',
'login': username,
'password': password,
'webauthn-support': 'supported',
'webauthn-iuvpaa-support': 'unsupported',
'required_field_ea03': '',
'timestamp': 1577703901509, # 时间戳
'timestamp_secret': timestamp_secret
}
session_url = 'https://github.com/session'
session_response = requests.post(
url=session_url,
data=form_data,
cookies=login_response.cookies,
headers=header
)
emails_response = requests.get('https://github.com/settings/emails', cookies=session_response.cookies)
print('xxxx' in emails_response.text)