web微信开发
群里接收消息时,使用广播,但需要刷新页面才能接收到广播内容。 - 轮询: 定时每秒刷新一次,当群不活跃时,群里的每个客户端都在刷新,对服务端压力太大。 - 长轮询:客户端连服务端,服务端一直不断开,也不回消息。夯住请求(Web微信,WebQQ), 假设夯住60s,60s后统一断开,然后客户端和服务端连接失败。然后紧接着再发送一次请求。相当于每分钟发送一次请求。 夯住不动只要有一个人发送消息,立刻断开带着新信息返回。只要消息来了就返回断开,这样就实时接收消息。 - 无消息,超时之后断开,客户端立即发送请求; - 有消息,立即返回 轮询和长轮询利用的是http协议,这种请求是单向的,目前长轮询使用广泛。 - WebSocket 相比轮询和长轮询更好,客户端和服务端不断开,客户端和服务端可以相互接收消息。但是不是所有的浏览器都支持。目前还未大批量使用,以后是趋势。 1. 显示二维码 打开微信网页微信二维码登录时,未扫码登录时二维码登录页面和微信服务端一直在长轮询状态。 当手机扫码时,手机向微信服务端发送请求,直接拿到结果给微信网页端,页面登录状态改变。 二维码本质是图片,每次刷新页面图片都不同,每次后缀都不同。 向https://login.wx.qq.com/jslogin?appid=wx782c26e4c19acffb&redirect_uri=https%3A%2F%2Fwx.qq.com%2Fcgi-bin%2Fmmwebwx-bin%2Fwebwxnewloginpage&fun=new&lang=zh_CN&_=1504151392313(其中1504151392313是时间戳) 发送请求获取响应window.QRLogin.code = 200; window.QRLogin.uuid = "wdLetLlNoQ==",二维码随机字符串uuid:"wdLetLlNoQ==",根据uuid创建二维码。 src="https://login.weixin.qq.com/qrcode/wdLetLlNoQ==" src="https://login.weixin.qq.com/qrcode/YeOkCQK4FQ==" - 获取uuid - 根据uuid创建二维码 发送消息: post_data = { "BaseRequest": { 'xxx': 123123123123, form to msg: 中文 'xxx': 123123123123, } } # requests.post(json=post_data,headers={'cotnen':'json'}) # requests.post(data=json.dumps(post_data),headers={'cotnen':'json'}) # requests.post(data=json.dumps(post_data,ensure_ascii=False),headers={'cotnen':'json'})
开发web微信
- 打开wechat, 查看登录页面,猜想: 手机、web、微信服务器 - 二维码 - 扫码 - 确定登录 - 登录cookie 200, redirict_url: ticket - 凭证cookie - 初始化: 最近信息 - 显示头像 因为跨域头像无法显示显示: 我们的自己写的网站 http://127.0.0.1: 浏览器上保存这个网站http://127.0.0.1相关cookie 访问我们自己的网站的图片时,携带我们自己的cookie <img src='http://127.0.0.1' /> 自己写的网站访问微信的图片时,携带着我们网站的cookie,这就跨域了,不能带着我们本地的cookie去。 <img src='http://wx.qq.com.....' /> <img src='http://wx.qq.com.....' /> GET请求,get请求没有请求体,只有请求头 请求头:url: http://wx.qq.com..... cookie: xxxx, # 没有微信的cookie referer: http://127.0.0.1... **** # 因为是自己写的网站访问微信图片,referer默认当着当前url,微信可以通过referer阻拦访问,同样cookie也可以阻止访问 所以不直接向微信发消息获取头像,上面是浏览器发的消息,没法伪造请求头请求体cookie。可以向我们后台自己发,因为python的requests模块可以伪造这些信息。 <img src='http://127.0.0.1/img' /> v= requests.get(...,cookie,headers) python的requests模块通过获取cookie,请求体信息。获取微信头像数据信息,然后再访问本地信息从而显示头像。 - 显示所有联系人 ... - 发消息 current_user = req.session['INIT_DICT']['User']['UserName'] # session初始化,User.UserName to = req.POST.get('to') # @dfb23e0da382f51746575a038323834a msg = req.POST.get('msg')# asdfasdfasdf # session Ticket # session Cookie ticket_dict = req.session['TICKED_DICT'] ctime = int(time.time()*1000) post_data = { "BaseRequest":{ "DeviceID": "e384757757885382", 'Sid': ticket_dict['wxsid'], 'Uin': ticket_dict['wxuin'], 'Skey': ticket_dict['skey'], }, "Msg":{ "ClientMsgId":ctime, "LocalID":ctime, "FromUserName": current_user, "ToUserName":to, "Content": msg, "Type": 1 }, "Scene": 0 } url = "https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxsendmsg?pass_ticket={0}".format(ticket_dict['pass_ticket']) # res = requests.post(url=url,json=post_data) # application/json,json.dumps(post_data) # res = requests.post(url=url,data=json.dumps(post_data),headers={'Content-Type': "application/json"}) # application/json,json.dumps(post_data) res = requests.post(url=url,data=json.dumps(post_data,ensure_ascii=False).encode('utf-8'),headers={'Content-Type': "application/json"}) # application/json,json.dumps(post_data) print(res.text) - 收消息 见代码
总结:
a. 分析Http请求 - 请求方式 - URL - 浏览器看到数据的二种形式 Form Data? # form表单数据类型,request.post中取 { k: 1, k: “fds”, k: [11,2,3,4], k: {K:}, # 不能传字典,传字典只能把字典的key传到后台,发字典的时候需要转为字符串类型 } request payload? # json数据类型,整个数据当成字符串发到后台。request.body中取 { k: 1, k: “fds”, k: [11,2,3,4], k: {K:}, } requests.post() - 请求头:(爬网站进不去时,下面五个设置注意下,大部分可以爬取了) user-agent: 当前用户使用的设备,知乎爬虫需要带user-agent。 Referer: "xxx" content-type: application/json, host cookie关键,cookie依附在请求头中 b. 代理 封IP时,代理设置
具体代码如下:
urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^login.html$', views.login), url(r'^check_login.html$', views.check_login), url(r'^index.html$', views.index), url(r'^avatar.html$', views.avatar), url(r'^contact_list.html$', views.contact_list), url(r'^send_msg.html$', views.send_msg), url(r'^get_msg.html$', views.get_msg), ]
from django.shortcuts import render,HttpResponse import requests import time import re import json def ticket(html): from bs4 import BeautifulSoup ret = {} soup = BeautifulSoup(html,'html.parser') for tag in soup.find(name='error').find_all(): ret[tag.name] = tag.text return ret def login(req): if req.method == 'GET': uuid_time = int(time.time() * 1000) base_uuid_url = "https://login.wx.qq.com/jslogin?appid=wx782c26e4c19acffb&redirect_uri=https%3A%2F%2Fwx.qq.com%2Fcgi-bin%2Fmmwebwx-bin%2Fwebwxnewloginpage&fun=new&lang=zh_CN&_={0}" uuid_url =base_uuid_url.format(uuid_time) r1 = requests.get(uuid_url) result = re.findall('= "(.*)";',r1.text) uuid = result[0] req.session['UUID_TIME'] = uuid_time req.session['UUID'] = uuid return render(req,'login.html',{'uuid':uuid}) def check_login(req): response = {'code': 408,'data':None} ctime = int(time.time()*1000) # base_login_url = "https://login.wx.qq.com/cgi-bin/mmwebwx-bin/login?loginicon=true&uuid={0}&tip=0&r=-735595472&_={1}" base_login_url = "https://login.wx.qq.com/cgi-bin/mmwebwx-bin/login?loginicon=true&uuid={0}&tip=0&r=-735595472&_={1}" # "https://login.wx.qq.com/cgi-bin/mmwebwx-bin/login?loginicon=true&uuid=AbPhQTMl9w==&tip=0&r=-736896961&_=1503975440649" login_url = base_login_url.format(req.session['UUID'],ctime) r1 = requests.get(login_url) if 'window.code=408' in r1.text: # 无人扫码 response['code'] = 408 elif 'window.code=201' in r1.text: # 扫码,返回头像 response['code'] = 201 response['data'] = re.findall("window.userAvatar = '(.*)';",r1.text)[0] elif 'window.code=200' in r1.text: # 扫码,并确认登录 req.session['LOGIN_COOKIE'] = r1.cookies.get_dict() base_redirect_url = re.findall('redirect_uri="(.*)";',r1.text)[0] redirect_url = base_redirect_url + '&fun=new&version=v2' # 获取凭证 r2 = requests.get(redirect_url) ticket_dict = ticket(r2.text) req.session['TICKED_DICT'] = ticket_dict req.session['TICKED_COOKIE'] = r2.cookies.get_dict() # 初始化,获取最近联系人信息:工作号 post_data = { "BaseRequest":{ "DeviceID": "e384757757885382", 'Sid': ticket_dict['wxsid'], 'Uin': ticket_dict['wxuin'], 'Skey': ticket_dict['skey'], } } print('初始化开始...') # 用户初始化,讲最近联系人个人信息放在session中 init_url = "https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxinit?r=-740036701&pass_ticket={0}".format(ticket_dict['pass_ticket']) r3 = requests.post( url=init_url, json=post_data ) r3.encoding = 'utf-8' init_dict = json.loads(r3.text) req.session['INIT_DICT'] = init_dict response['code'] = 200 return HttpResponse(json.dumps(response)) def avatar(req): prev = req.GET.get('prev') # /cgi-bin/mmwebwx-bin/webwxgeticon?seq=602427528 username = req.GET.get('username') # @fb736164312cbcdb9abe746d81e24835 skey = req.GET.get('skey') # @crypt_2ccf8ab9_4414c9f723cbe6e9caca48b7deceff93 img_url = "https://wx.qq.com{0}&username={1}&skey={2}".format(prev,username,skey) cookies= {} cookies.update(req.session['LOGIN_COOKIE']) cookies.update(req.session['TICKED_COOKIE']) print(img_url) res = requests.get(img_url,cookies=cookies,headers={'Content-Type': 'image/jpeg'}) return HttpResponse(res.content) def index(req): """显示最近联系人""" # https://wx.qq.com return render(req,'index.html') def contact_list(req): """ 获取所有联系人 :param req: :return: """ ctime = int(time.time()*1000) base_url = "https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxgetcontact?lang=zh_CN&r={0}&seq=0&skey={1}" url = base_url.format(ctime,req.session['TICKED_DICT']['skey']) cookies = {} cookies.update(req.session['LOGIN_COOKIE']) cookies.update(req.session['TICKED_COOKIE']) r1 = requests.get(url,cookies=cookies) r1.encoding = 'utf-8' user_list = json.loads(r1.text) return render(req, 'contact_list.html',{'user_list':user_list}) def send_msg(req): """ 发送消息 :param req: :return: """ current_user = req.session['INIT_DICT']['User']['UserName'] # session初始化,User.UserName to = req.POST.get('to') # @dfb23e0da382f51746575a038323834a msg = req.POST.get('msg')# asdfasdfasdf # session Ticket # session Cookie ticket_dict = req.session['TICKED_DICT'] ctime = int(time.time()*1000) post_data = { "BaseRequest":{ "DeviceID": "e384757757885382", 'Sid': ticket_dict['wxsid'], 'Uin': ticket_dict['wxuin'], 'Skey': ticket_dict['skey'], }, "Msg":{ "ClientMsgId":ctime, "LocalID":ctime, "FromUserName": current_user, "ToUserName":to, "Content": msg, "Type": 1 }, "Scene": 0 } url = "https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxsendmsg?pass_ticket={0}".format(ticket_dict['pass_ticket']) # res = requests.post(url=url,json=post_data) # application/json,json.dumps(post_data) # res = requests.post(url=url,data=json.dumps(post_data),headers={'Content-Type': "application/json"}) # application/json,json.dumps(post_data) res = requests.post(url=url,data=json.dumps(post_data,ensure_ascii=False).encode('utf-8'),headers={'Content-Type': "application/json"}) # application/json,json.dumps(post_data) print(res.text) return HttpResponse('...') def get_msg(req): """ 长轮询获取消息 :param req: :return: """ # 检查是否有消息到来 ctime = int(time.time()*1000) ticket_dict = req.session['TICKED_DICT'] check_msg_url = "https://webpush.wx.qq.com/cgi-bin/mmwebwx-bin/synccheck" cookies = {} cookies.update(req.session['LOGIN_COOKIE']) cookies.update(req.session['TICKED_COOKIE']) synckey_dict = req.session['INIT_DICT']['SyncKey'] synckey_list = [] for item in synckey_dict['List']: tmp = "%s_%s" %(item['Key'],item['Val']) synckey_list.append(tmp) synckey = "|".join(synckey_list) r1 = requests.get( url=check_msg_url, params={ 'r': ctime, "deviceid": "e384757757885382", 'sid': ticket_dict['wxsid'], 'uin': ticket_dict['wxuin'], 'skey': ticket_dict['skey'], '_': ctime, 'synckey': synckey }, cookies=cookies ) print(r1.text) if '{retcode:"0",selector:"0"}' in r1.text: return HttpResponse('...') # 有消息,获取消息 base_get_msg_url = "https://wx.qq.com/cgi-bin/mmwebwx-bin/webwxsync?sid={0}&skey={1}&lang=zh_CN&pass_ticket={2}" get_msg_url = base_get_msg_url.format(ticket_dict['wxsid'],ticket_dict['skey'],ticket_dict['pass_ticket']) post_data = { "BaseRequest":{ "DeviceID": "e384757757885382", 'Sid': ticket_dict['wxsid'], 'Uin': ticket_dict['wxuin'], 'Skey': ticket_dict['skey'], }, 'SyncKey': req.session['INIT_DICT']['SyncKey'] } r2 = requests.post( url = get_msg_url, json=post_data, cookies=cookies ) r2.encoding = 'utf-8' # 接受到消息: 消息,synckey msg_dict = json.loads(r2.text) print(msg_dict) for msg in msg_dict['AddMsgList']: print('您有新消息到来:',msg['Content']) init_dict = req.session['INIT_DICT'] init_dict['SyncKey'] = msg_dict['SyncKey'] req.session['INIT_DICT'] = init_dict return HttpResponse('...')
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <div> <img style="height: 400px;width: 400px;" id="img" src="https://login.weixin.qq.com/qrcode/{{uuid}}"> </div> <script src="/static/jquery-1.12.4.js"></script> <script> $(function () { checkLogin(); }); function checkLogin() { $.ajax({ url: '/check_login.html', type: 'get', data: {}, dataType: 'JSON', success:function (arg) { if(arg.code == 408){ checkLogin(); }else if(arg.code == 201){ $('#img').attr('src',arg.data); checkLogin(); }else { location.href = "/index.html" } } }) } </script> </body> </html>
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>个人信息</h1> <img src="/avatar.html?prev={{ request.session.INIT_DICT.User.HeadImgUrl }}"> <h2>{{ request.session.INIT_DICT.User.NickName }}</h2> <h1>最近联系人</h1> <ul> {% for user in request.session.INIT_DICT.ContactList %} <li><img src="/avatar.html?prev={{ user.HeadImgUrl }}"> {{ user.UserName }} {{ user.NickName }}</li> {% endfor %} </ul> <a href="/contact_list.html">更多联系人</a> <h1>公众号信息</h1> </body> </html>
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <h1>发送消息</h1> <input placeholder="接受者" id="to" /> <input placeholder="消息内容" id="msg" /> <input type="button" value="发送" onclick="sendMsg();" /> <h1>用户列表({{ user_list.MemberCount }})</h1> {% for user in user_list.MemberList %} <div username="{{ user.UserName }}"> {# <img style="width: 50px;height: 50px;" src="/avatar.html?prev={{ user.HeadImgUrl }}"><span>{{ user.NickName }}</span>#} <span>{{ user.NickName }}</span> </div> {% endfor %} <script src="/static/jquery-1.12.4.js"></script> <script> $(function () { getMsg(); }); function getMsg() { $.ajax({ url: '/get_msg.html', type: 'GET', success:function (arg) { //console.log(arg); getMsg(); } }) } function sendMsg() { $.ajax({ url: '/send_msg.html', type: "POST", data: {'to': $('#to').val(), 'msg': $('#msg').val()}, success:function (arg) { alert(arg); } }) } </script> </body> </html>