Closed Dreamail closed 1 year ago
Amia33
commented
1 year ago In theory, you can keep the token if you manage to visit wahlap site regularly. However, the site has a scheduled maintenance daily at 4-7 am, so I can't make sure if the token is rotated daily. Let me check it this midnight.
Amia33
commented
1 year ago Yeah after several hours' testing I find that the token is NOT changed across maintenances. But you need to take care of userid which changes across visits. Just schedule the program to visit home page every hour (this needs verification)
Dreamail
commented
1 year ago Got it. I found that the "_t" cookie after 1 year, which I have seen in Chrome cookie. I have also confirm that it won't logout after an all night.
I'm working on a maimai bot. Thanks for your answer.
Amia33
commented
1 year ago Got it. I found that the "_t" cookie after 1 year, which I have seen in Chrome cookie. I have also confirm that it won't logout after an all night.
I'm working on a maimai bot. Thanks for your answer.
Here I have some more guesses about the cookie expiry issue which might be helpful:
0/ "userid" is changed across visits (which is already proven)
1/ "_t" would be changed if:
(1) wahlap server sucks (for example, on Jun 8th, 2023, the day Ver.CN 1.30 was delivered) and its WAF considers your connection not handleable
(2) a new version is delivered, and server assets are refreshed
(3) for any reason, your program sends too many requests and triggered WAF block
Also, the privacy issue on transferring cookies or tokens online is serious, so please be careful dealing with it. Hope you can make a great bot owo
Dreamail
commented
1 year ago Does userid must be update during each request? Or it can be used though a new userid was placed?
Amia33
commented
1 year ago Does userid must be update during each request? Or it can be used though a new userid was placed?
I would copy the latest userid from response cookies to avoid potential expiry.
Dreamail
commented
1 year ago BTW, is the friendVS upload API deleted? I can't post /page/friendVS.
Amia33
commented
1 year ago BTW, is the friendVS upload API deleted? I can't post /page/friendVS.
Yes, due to Privacy Protection Law Enforcement, all features related to real photography are disabled. This means no custom avatar and no uploaded ScoreImage. (Although some people report that avatar is still available. It just can't be uploaded to the server.)
Dreamail
commented
1 year ago Um, I meant diving-fish's scores upload api seems to be down. Scores page upload works but friend vs didn't. I going to make a page-parser by myself.
Diving-Fish
commented
1 year ago Um, I meant diving-fish's scores upload api seems to be down. Scores page upload works but friend vs didn't. I going to make a page-parser by myself.
Deployed.
Dreamail
commented
1 year ago Um, I meant diving-fish's scores upload api seems to be down. Scores page upload works but friend vs didn't. I going to make a page-parser by myself.
Deployed.
Oh, thanks.
Dreamail
commented
1 year ago Friend vs page parser seem to be broken. It update my records all 101%. So I have made a parser myself, thanks for your work.
如题 华立的token多久才会过期捏 目前只知道重新登录就会使旧token过期 但如果登录一次之后长时间不过期是否可以用于做好友机器人