MOD:加密方式修改

data_manage/operate.py

@@ -1,7 +1,8 @@
 import requests
 import time
 from urllib.parse import urlencode
-from model.UserAuthUtils import get_g_token
+from config.using_config import sha256_token, sha256_account
+from model.UserAuthUtils import get_g_token_sha256
 from model.DateUtils import DateUtils
 from model.DataBaseUtils import *
 from model.UserAuthUtils import super_auth
@@ -13,8 +14,8 @@ def user_channel(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/resource/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     channel_list = []
@@ -29,8 +30,8 @@ def user_channel_group(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/resource/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
 
@@ -59,8 +60,8 @@ def user(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/user/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
 
@@ -115,8 +116,8 @@ def get_channel(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/resource/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     channel_list_all = []
@@ -139,8 +140,8 @@ def get_channel(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = f'/erp/api/resource/subUserResourceList/3/{user_id}/投手,运营'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     # 防止urlencode自动换行
     params_other_urlencode = params_other_urlencode.replace('%0A', '')
     url = base_url + params + '?' + params_other_urlencode
@@ -177,8 +178,8 @@ def get_pitcher(arg):
         base_url = 'https://api.zanxiangnet.com'
         params = '/erp/api/user/search/3'
         params_others = '?resourceTags=投手'
-        g_token = get_g_token(g_time, params)
-        params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+        g_token = get_g_token_sha256(g_time, params)
+        params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
         url = base_url + params + params_others + '&' + params_other_urlencode
         rsp = requests.get(url)
 
@@ -190,8 +191,8 @@ def get_pitcher(arg):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = f'/erp/api/user/subUser/3/{user_id}'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
 
@@ -204,8 +205,8 @@ def get_user_name_by_id(user_id):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = f'/erp/api/user/subUser/3/{user_id}'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     nick_name = None
@@ -217,6 +218,6 @@ def get_user_name_by_id(user_id):
 
 
 if __name__ == '__main__':
-    print(get_channel({'user_id':78}))
+    print(get_channel({'user_id': 78}))
     # print(get_user_name_by_id({'user_id':78,'name':''}))
     # print(get_user_name_by_id(78))

model/UserAuthUtils.py

@@ -2,24 +2,19 @@ from model.DataBaseUtils import MysqlUtils
 import base64
 import requests
 import time
-from config.using_config import aes_token
+import hashlib
+from config.using_config import  sha256_token, sha256_account
 from urllib.parse import urlencode
 from Crypto.Cipher import AES
 from Crypto.Util.Padding import pad
 
 
-def get_g_token(g_time, params):
-    bs = AES.block_size
-    # pad = lambda s: s + (bs - len(s) % bs) * chr(bs - len(s) % bs)
-    # 设置加密方式
-    cipher = AES.new(aes_token.encode('utf-8'), AES.MODE_ECB)
-    # 设置原始数据
-    pad_params = params + str(g_time)
-    # 数据加密
-    data = cipher.encrypt(pad(pad_params.encode('utf-8'), bs))
-    g_token = (base64.encodebytes(data)).decode('utf8').strip()
-    return g_token
 
+def get_g_token_sha256(g_time, params):
+    secret = sha256_token
+    sha256_str = secret + params + str(g_time)
+    g_token = hashlib.sha256(sha256_str.encode('utf-8')).hexdigest()
+    return g_token
 
 def get_auth_user(user_id):
     """获取用户拥有所有用户（包括自己）的权限"""
@@ -27,8 +22,8 @@ def get_auth_user(user_id):
     base_url = 'https://api.zanxiangnet.com'
     params = f'/erp/api/user/subUser/3/{user_id}'
     print(params)
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     nick_name_list = []
@@ -41,8 +36,8 @@ def get_auth_channel_self(user_id):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/resource/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     params_other = f'?userIds={user_id}'
     url = base_url + params + params_other + '&' + params_other_urlencode
     rsp = requests.get(url)
@@ -63,8 +58,8 @@ def get_auth_channel(user_id):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = f'/erp/api/resource/subUserResourceList/3/{user_id}/投手,运营'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     # 防止urlencode自动换行
     params_other_urlencode = params_other_urlencode.replace('%0A', '')
     url = base_url + params + '?' + params_other_urlencode
@@ -85,8 +80,8 @@ def get_auth_channel(user_id):
         g_time = int(time.time())
         base_url = 'https://api.zanxiangnet.com'
         params = '/erp/api/resource/search/3'
-        g_token = get_g_token(g_time, params)
-        params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+        g_token = get_g_token_sha256(g_time, params)
+        params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
         url = base_url + params + '?' + params_other_urlencode
         rsp = requests.get(url)
         channel_list = []
@@ -108,8 +103,8 @@ def get_auth_game_info(user_id):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/user/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
 
@@ -138,8 +133,8 @@ def get_auth_game_name(user_id):
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/user/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     user_name = None
@@ -165,8 +160,8 @@ def super_auth():
     g_time = int(time.time())
     base_url = 'https://api.zanxiangnet.com'
     params = '/erp/api/user/search/3'
-    g_token = get_g_token(g_time, params)
-    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token})
+    g_token = get_g_token_sha256(g_time, params)
+    params_other_urlencode = urlencode({'g_time': g_time, 'g_token': g_token, 'g_account': sha256_account})
     url = base_url + params + '?' + params_other_urlencode
     rsp = requests.get(url)
     print(rsp.text)