Recently, I want to climb some of Taobao's products , However, if you want to use search and other functions, you need to log in , So I came up with an article to simulate the login of Taobao !
Taobao series tutorial :
Taobao complete series above ,vx Scan the QR code below the code , Focus on vx official account : Naked pigs reply : TaoBao You can get the tutorial and source code !
I read a lot about simulated Login on Taobao , But it's basically using scrapy、pyppeteer、selenium Wait for the library to simulate login , But we haven't talked about these libraries yet , Just about requests library , Let's use it today requests Library simulation login Taobao !
Talk about analog login before Taobao , Let's review the previous use of requests Database simulation login Douban and Sina weibo The process of : This kind of simulated Login is a relatively simple login , Just upload and verify the user name and password at the time of login request , That is to say, one step in place !
And Taobao login is more complex , Why is it complicated ? Because Taobao login There are many parameters involved And Ask more than once ! Let's talk about the process of Taobao login first , First, understand the process principle , Go ahead and type the code , It's easy for everyone to understand !
For your understanding , Brother pig drew a non-standard Taobao login request sequence diagram
TaoBao ua Parameters :ua(User-Agent) So it's called user agent , Taobao's ua Parameters are added to the browser 、ip、 The computer 、 Time and other information , And then encryption is generated , Use... In many places , It's not just logging in !
Above is a more detailed flow chart , Considering from the code level, brother pig divides the simulated Login to Taobao into the following four steps :
Some students may ask questions here : Why Taobao (taobao.com) After the verification is passed, you need to take token Go to Alibaba (alibaba.com) In exchange for st Yard ? Let's talk about this later !
We only talked about the login process , Here, brother pig will first explain the operation of each step in detail , Then paste out the implementation code !
At present, when we log in to Taobao , In most cases, the slider verification code will not appear , Piggy tried to log in and out many times, but only once in the middle , What controls whether the slider verification code is needed ?
As can be seen from the above figure , When pig enters the user name ( It must be a mobile phone number ) after , The browser will launch a post request , To verify whether the slider verification code needs to appear , If you return true, The slider verification code appears ! Otherwise, it will not appear , In general, it will not appear !
We can see in the picture this time post The request uploads two parameters :username、ua!
Brother pig said before ua For browsers 、ip、 Device information and other multi information encryption parameters , So brother pig guesses whether the verification code of Taobao appears not only from the account point of view , also ip、 Equipment etc !
for instance : A device may have a large number of accounts logged in , At this time, Taobao can start from ua Parameter to get the device number , Then limit the device !
After knowing the process and request links and parameters , We can use code to request !
Here is the first step in the above sequence diagram 5 Step : Request login , The user name will be 、ua Parameters 、 Encryption password, etc 30 A dozen parameters post To Taobao (taobao.com) To verify .
Let's implement it in code , Don't be frightened by so many parameters , It's all copied from the browser !
Look at the result of the request !
You can see the application st Code link with a token, Specifically token What is it for? Let's analyze it later !
We have applied to Taobao (taobao.com) Of token, This step is to use token In exchange for st code .
Many people here may have questions : Why is Taobao so troublesome to log in ? Directly in taobao.com Login is OK ? Why do you have to be first in taobao Verify username and password , Go to... After passing alibaba.com Exchange for st Code login ?
The framework of any company is the result of a gradual evolution , I think the initial Taobao login is not so complicated . But as Alibaba grows , Many business lines are divided , But these business lines are related , Such as user After logging into the Taobao account, tmall doesn't need to log in anymore ?( Note that Taobao and tmall's top-level domains are different , So we can't share cookis) To solve this problem , Single sign on And that's what happened .
Single sign on (Single Sign On), Referred to as SSO, Is one of the more popular enterprise business integration solutions .SSO Is defined in multiple application systems , Users only need to log in once to access all mutual trust application systems . —— Baidu Encyclopedia
Many large enterprises almost do single sign on , Alibaba's single sign on system must be the parent company Alibaba (alibaba.com) Here we go , All subsidiaries call the parent company interface !
We will come back to analyze why Taobao login is so complicated : User data is here on Taobao , So we need to Taobao now (taobao.com) Verify user name and password , Verify by generating a token, Browser holding token Go to Alibaba (alibaba.com) Apply for single sign on code (st code ), Alibaba received a request to verify token Pass and return st code , So use token in st The reason for the code is single sign on !
After understanding the design principles , Code implementation is very clear !
Succeed in getting st After the code, we can log in , This step is through st Code to get the login cookies.
Here we have simulated the success of Taobao login !
In fact, we have successfully logged into Taobao and returned the link to the user's home page , In order to further verify the login success , Just ask for Taobao's user homepage , By the way, take out Taobao's nickname !
Let's summarize a little after the whole talk , Mainly from The code structure and The problem is Two aspects :
To release a code structure diagram , Let us have an intuitive understanding of
This is the four steps of simulated Login Taobao that we mentioned earlier , But here we are using code to realize !
Before writing this tutorial, brother pig also learned about it on the Internet , Then I use the browser and the bag grabbing tool (Charles) Step by step practice , The most important thing is that you first need to understand the general process of Taobao login , Otherwise, you will be confused in actual operation , Let's talk about the current problems and existing problems
See here is not feeling Taobao analog login on a lot of clear , Interested students can collect and forward , Try it on your own at weekends . Conquer Taobao login , Other logins are relatively simple !
Access to the source code ,vx Scan the qr code below , Focus on vx official account 「 Naked pigs 」 reply : Simulated Login Taobao Can get !