Open dpeddi opened 2 years ago
Login token and app token have an expiration.
They can be renewed with: 're_login': 'https://account.huami.com/v1/client/re_login'
're_login': 'https://account.huami.com/v1/client/re_login'
and the following payload:
're_login': { 'device_id_type': 'androidid' 'app_name' : 'com.huami.midong' 'login_token': None 'device_id' : None }
Full mitmproxy dump:
Flow Details 2021-09-26 21:49:22 POST https://account-cn2.huami.com/v1/client/re_login ← 200 OK application/json 532b 769ms Request Response Detail hm-privacy-ceip: true app_name: com.huami.midong X-Request-Id: a8ff8500-d780-4f0e-a83e-729097776366 hm-privacy-diagnostics: false Accept-Language: it-IT Content-Type: application/x-www-form-urlencoded; charset=UTF-8 User-Agent: Dalvik/2.1.0 (Linux; U; Android 5.0.2; HTC One Build/LRX22G) Host: **account-cn2**.huami.com Connection: Keep-Alive Accept-Encoding: gzip Content-Length: 413 URLEncoded form [m:auto] login_token: N***0 source: com.huami.watch.hmwatchmanager:6.1.4-play:100440 device_id: 9***f lang: it device_model: android_phone os_version: v0.6.38 app_name: com.huami.midong device_id_type: androidid
Preliminar function..
def reLogin(self): re_login = urls.URLS["re_login"] data = urls.PAYLOADS['re_login'] data['login_token'] = self.login_token data['app_name'] = x_requested_with data['device_id'] = self.device_id # data['lang'] = "it" # data['device_model'] = "android_phone" # data['os_version'] = "v0.6.38" headers = {} response = requests.post(re_login, data=data, headers=headers, allow_redirects=False, verify=False) print(data) login_result = response.json() print ("RELOGIN:",login_result) self.app_token = login_result["token_info"]["app_token"] self.login_token = login_result["token_info"]["login_token"] response.raise_for_status()
all the function before response.raise_for_status() should check for error and try to reLogin.
Great! I will slightly rewrite it using https://github.com/samuelcolvin/pydantic
Login token and app token have an expiration.
They can be renewed with:
're_login': 'https://account.huami.com/v1/client/re_login'
and the following payload:
Full mitmproxy dump:
Preliminar function..
all the function before response.raise_for_status() should check for error and try to reLogin.