Closed alwaysmda closed 3 years ago
There are actually two ways to authenticate for two different types of endpoints. The website you spoke of is for gacha logs while the cookie is for user stats, I go more into detail in the faq.
Regarding the cookies I actually just noticed their domain is actually .mihoyo.com
, but they're still visible from hoyolabs.
That means you can just send them to login from the official site instead.
Thanks for answering.
I've already tried the official website but I cannot access cookies through Android webview. I've noticed that also Firefox doesn't show those cookies. Maybe it's a restriction from mihoyo.
I doubt you can just "restrict" cookies. Maybe it's just that you only have the old version of cookies, which would be account_id
and cookie_token
.
Could you send which cookies you do see? I could try to see what's going on.
These are what I get using Firefox:
And this is what I get using Chrome:
And this is what I get using Android browser:
what I get from https://account.mihoyo.com/#/login
:
G_ENABLED_IDPS=google; mi18nLang=en-us; _MHYUUID=00e77fab-0713-4b14-911c-9e153ed0172f; login_ticket=iNX16mYLlGiUGcmflkENcgzYcXysCsa3o0Lun5EJ
what I get from https://www.hoyolab.com/genshin/
:
_gat=1; _ga=GA1.2.2099647256.1619417662; _gid=GA1.2.586922744.1619417662; mi18nLang=en-us; _MHYUUID=0dd2e45d-d055-4316-91bf-eb51844f8f21; login_ticket=tCCGPcQvILvS7WRjoDLh7YcVwulGg6e0T4hhAro7; account_id=133324740; cookie_token=GO76cLjbyOVNiosGAnyfSxFQBc4sq0vAqRQxY7tt
While I can use the last one with cookie_token
and account_id
to access apis now, but as you updated the repository, I was trying to get ltoken
and ltuid
but I wasn't successful.
I installed Firefox to look into this and yeah, it seems like the cookies are only for api-os-takumi.mihoyo.com
. I have no idea how or why are firefox and chrome giving different results. For some reason, I can see the results fine mihoyo's website, but not from the account login.
After a bit of messing around, I somehow managed to get the ltoken from... somewhere.
For the time being, you can use the cookie_token and account_id, as they seem to just be some sort of backwards compatibility thing. My API still works with those but I'll try to update the readme so people can know you can use both.
You can also use https://webapi-os.account.mihoyo.com/Api/cookie_accountinfo_by_loginticket?login_ticket=<LOGIN_TICKET>
to get the cookie_token
and account_id
from a login ticket.
Although I cannot get the ltoken
and ltuid
, but the new api to get old cookie data using login_ticket
is very good!!
I hope they don't remove cookie_token
and account_id
anytime soon :D
Please let me know if you found any other ways to get new cookies.
Hello again :D
I'm trying to use api info to create an Android application to show user's info. Unfortunately I cannot get the
ltoken
andltuid
cookies from device. Maybe it's because they are secured values.There is a website
https://genshin-wishes.com/
that uses the feedback link to authenticate and shows detailed gacha logs.I wonder if we can use this method to access apis.
Thank you!