⭐️⭐️⭐️⭐️⭐️欢迎来到我的博客⭐️⭐️⭐️⭐️⭐️
🐴作者：秋无之地

🐴简介：CSDN爬虫、后端、大数据领域创作者。目前从事python爬虫、后端和大数据等相关工作，主要擅长领域有：爬虫、后端、大数据开发、数据分析等。

🐴欢迎小伙伴们点赞👍🏻、收藏⭐️、留言💬、关注🤝，关注必回关

一、确定目标

1、先打开目标网站，找到目标所在的页面

​

2、找到所需的参数

根据上图可知，整个登录流程需要的参数有：账号、密码、验证码，而且验证码还是图形算式验证码。

3、了解登录流程，找到对应的接口

打开F12 ，刷新页面可以看到验证码的生成接口，返回的是验证码的图片信息和一个uuid的参数

4、测试登录，找到登录的接口

所以，整个登录的流程一共就2个接口，分别如下：

生成验证码接口：

https://ad.clroi.com/prod-api/code

登录接口：

https://ad.clroi.com/prod-api/auth/login

二、分析接口

1、生成验证码接口

接口的请求方式为：get

请求头参数也是常见的几个，没有加密的参数

Host、Referer、User-Agent：建议必带

 返回的参数：

1、img：验证码图片，不过需要加前缀"data:image/gif;base64,"才能组成完整的图片链接

2、uuid：唯一建，用于登录接口的请求参数

#返回参数：
{
    "msg": "操作成功",
    "img": "/9j/4AAQSkZJRgABAgAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAA8AKADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDtrW1ga1hZoIySikkoOeKsCztv+feL/vgU2z/484P+ua/yqyKiMY8q0IjGPKtCIWdr/wA+0P8A3wKeLK1/59of+/YqUVma7r9n4d08Xt75nk+YsZ8sZIyeuPatIUfaSUIRu3sNxiuhoCytP+fWH/v2KcLG0/59YP8Av2Kw7/xtoOn6WL97+KWJhmNIWDO/sB6/XGO+Kh8JeOrLxW08cMEtvPDhij4IKnuCP5fzrf6hW9k63s3yrRuwvcvY6UWFn/z6wf8AfsU4WFn/AM+kH/fsVMvNPHFcvLHsPlj2IRp9l/z6W/8A37H+FOGnWX/Pnb/9+l/wqCbWNOtroWs97bxzsMiN5ACRWFr3xD0bQ5ktg7Xt03JitsPsHqxHT6da6KWDq1pKFOF2/ITUFudONOsf+fO3/wC/S/4U4abY/wDPlb/9+l/wqPS9St9W06C+tWLQzoHQkYOD7VeFYSpqLaa1Q+WPYrjTLD/nytv+/S/4U8aZYf8APjbf9+l/wqwKGkWNSzEADqSaXJHsHLHsQjS9P/58bb/vyv8AhTxpWn/8+Fr/AN+V/wAK4jUfizoun6s1qlvdXNpEwSe9gXMcbf1/zjNdzY39tqFtHc2syTQyAMrocgiumtgatCKlVhZPbQSUHsA0rTv+fC1/78r/AIU4aTp3/QPtf+/K/wCFWhTxXNyx7D5Y9iqNJ03/AKB9p/35X/Cq2p6Xp8ekXrpY2qusDlWEKgg7TyOK1hVXVv8AkC3/AP17yf8AoJpSjHlegpRjyvQ5Kz/484P+ua/yqyKr2f8Ax5wf9c1/lVkU4/Chx+FC9q5jxZZwalp0lpdxGSI88HBBHQj3rqQKrXVmtwhBFaQnKElKLs0VufPdz4fj0+SWSaUywoCVUDBb6/8A1q6f4XQvBdzXQYgSrsK/jmt/xboSLpl0UX5vLYj8qy/hfPFLC8JI8yNs49q+lnmGLxeV1ZVJc3vRT8l/w/Ux5IxmrHsMJygNNupvJiLelcl4nvvFFvLbf8I8LJoVUtKJvvMw6LycYI//AFisK6+J8Etg1rNpl2msD921oF4L+x9Pwz/OvGpZfXrQU6Npd0nqvVdF57dzRzSep53rLyat44vBdysN9wyg55AB4/Su20240HwnCiSNHHLP96RwWd/c+g/SuE1m31JrltQuYViuc7m8s5Ht68jp/k1v+FoLDWYbq51CFLm4dtrBs/IuOMen1r6jHzhWwkKkqj9lBKMowt8S89rdf+CzCGkmrantmhNCbGI23l/Zyu5PLxtweeMdq1UurdrhrcTxmdRuaMMNwHqR1xXiOmeI7/4e3Ys51kvNElYmE5+aI9wP8PxHet7WdJ03xBNH4j0i8ks9TdVkhu4WwGIGBuH04P656V89Vy6NKSnOf7uXwySun69V57tdEzVTvstT1Z5o4Y2kkdURRlmY4AHqTXNeLT/avha9t7OYMbiBhE8b8E9sEds15rff2zq8I/4TPWI4tMgOfJt2Cec3YsQP0/ICjT7PULHbL4N1GK502V/ntLl8qrdyD29+h6de1QwVOnaUaq5k+z5O9ubv8reYczfQ2PDtlPpnhmDT7mCIHYwmReQ2SevqcHmuS0y9v/Cnj+0sLK6mNhLcRkQl+NrEZGPbmvYFtIns3PyeYow4U52tjOP1FeNyHd8ULdLjCbJMLk8ZwcfrXZlNedapiJVNVKMpNee6sTUSSVj6PtZhNGGHerQrK0fP2VM+lawr5w2HCqurf8gS/wD+vaT/ANBNWxVXV/8AkCX/AP17Sf8AoJqZfCyZfCzkrP8A48oP+ua/yqyKr2X/AB5Qf9c1/lVkUR+FBH4UOFOxxSCniqKOf8QQeZbNxkYrxayuJfCPi5JTkWzPg+hQ/wCFfQF5bCeIriuI1HwxFdTFJ4FliJyVYV6eW5gsI5xqR5oTVpL9V5oicObbc6KSE3cCyRnIYZBFZT6Q7z+YY1MgG0Pt5x6ZrpNHtVt7OKBV2pGoVR6ADArUFumc4rzeuhZ5tqXhh3QuVz68VyS+Ery0vGudLuzbS9djDKn2r3aS1SRMFRWPd6GhJZVrpw2MrYZv2b0e6eqfqnoTKKlueRarrFvc6PdWOrRC3vkX5oSOrdmQ10ngKxmHhaKO4H3izKp7KelaepeGIL24ja4tUlaM/KWXOK6fRtKMUQDCuqvjqcsL9XpRaTlzPW6Ttb3fL116CUXzXZ5zd+DWm1R5r+7nu7ZWJgt3Jwn1Oef85zVWXwpc21z52h30mnM/EiAnYfce/wDnivY20iNzkqKjbQoiwIUVjHMsVFq0tErWsuW3+G1vw313HyROc8J6BBommSxwyTTTznfcTyuSZH9cdB/nJNc94l0drS5k1q101bvUYF/dKQTnnrtHUjr616ra6esK4AqtfaWJTlRzWUcVU9t7aTu3v5rqnbo9vQfKrWMrwDrV9qOkrFq1m9pqMPEiMuBIvZ1/kR2I+ldqtYmm2bwHmttBxWVWanNyStfotkC0Q8VV1f8A5Al//wBe0n/oJq2Kq6v/AMgS/wD+vaT/ANBNYy+Fil8LOSsv+PK3/wCua/yqyK5mLWrmKJI1SIhFCjIPb8ak/t+6/wCecP8A3yf8ayjWjZGcasbI6UU4VzP/AAkN3/zzg/75P+NL/wAJFd/884P++T/jVe2iP20TqMZpjW6MckCub/4SS8/55Qf98n/Gl/4SW8/55Qf98n/Gj20Q9tE6mOMIOBUwrkf+Envf+eVv/wB8t/jS/wDCUXv/ADyt/wDvlv8AGj20Q9tE68U7aDXH/wDCVX3/ADyt/wDvlv8AGl/4Su+/55W3/fLf40e2iHtonVm1RjnaKnjiVBwK47/hLb//AJ423/fLf40v/CX6h/zxtv8Avlv/AIqj20Q9tE7YCngVw/8AwmGof88bX/vlv/iqX/hMtR/542v/AHy3/wAVR7aIe2id0BS7QetcL/wmeo/88bX/AL4b/wCKpf8AhNdS/wCeFp/3w3/xVHtoh7aJ3ioBUgrgP+E21L/nhaf98N/8VS/8Jxqf/PC0/wC+G/8AiqPbRD20T0EVV1f/AJAeof8AXtJ/6Ca4r/hOdT/54Wn/AHw3/wAVUdz4z1G6tZrd4bUJKjIxVWyARjj5qmVaNmKVWNmf/9k=",
    "code": 200,
    "captchaOnOff": true,
    "uuid": "50d10c7521ad42f8b313aa8bb19c2b04"
}

这是，验证码接口就解决了，简单吧！

2、登录接口

接口的请求方式为：post

请求头参数也是常见的几个，没有加密的参数

Host、Referer、User-Agent：建议必带

请求体参数：

1、code：验证码的结果

2、password：密码

3、username：账号

4、uuid：验证码接口返回的参数

这时候有人会问了，上面验证码接口的一个图片链接，现在传递的参数是一个字符串，怎么办？

方法有好多种：

1. 找打码平台，例如百度AI打码
2. 使用ocr识别（需要训练）
3. 将图片截图发到手机里，人工识别后回传信息给程序继续下一步登录

返回参数：

1、access_token：登录的token，需要加前缀"Bearer "后续请求数据接口才能用

2、code：200表示成功，500表示失败

三、代码编写

1、获取验证码信息

    def get_code(self):
        '''
        获取登录验证码
        :return:
        '''
        try:
            url = "https://ad.clroi.com/prod-api/code"
            header = {
                "Referer": "https://ad.clroi.com/login?redirect=%2Findex",
                "Host":"ad.clroi.com",
                "User-Agent":self.ua,
                "Accept":"application/json, text/plain, */*",
            }
            resp = requests.get(url,headers=header).json()
            if resp['code']==200:
                code_img = "data:image/gif;base64," + resp['img']
                code_uuid = resp['uuid']
                #破解验证码
                code_num = self.down_code_img(code_img=code_img)
                print("验证码：",code_num," ，uuid：",code_uuid)
                auth = self.get_token(login_code=code_num, uuid=code_uuid)
            else:
                auth = ""
            return auth
        except Exception as e:
            print(e)
            return ""

2、登录获取token

    def get_token(self,login_code=None,uuid=None):
        '''
        获取token
        :return:
        '''
        try:
            url = "https://ad.clroi.com/prod-api/auth/login"
            header = {
                "User-Agent":self.ua,
                "Content-Type":"application/json;charset=UTF-8",
            }
            data = {"username": "XXXX", "password": "XXXX", "code": login_code, "uuid": uuid}
            resp = requests.post(url,headers=header,json=data).json()
            print(resp)
            if resp['code']==200:
                auth = "Bearer " + resp['data']['access_token']
                return auth
        except Exception as e:
            print(e)

四、总结

模拟登录的步骤不难，主要是以下三点：

1. 确定目标
2. 分析接口
3. 代码编写

版权声明

本文章版权归作者所有，未经作者允许禁止任何转载、采集，作者保留一切追究的权利。