使用Golang登录到私人网站和拉信息 [英] Use Golang to login to private site and pull info

问题描述

我尝试使用golang在一个网站的私人区域登录，并拉一些信息，但我似乎不太正确。
我设法获取登录页面以获得csrf令牌，然后我将csrf令牌与登录信息一起发布到登录页面，我登录正常。如果我停止在这一点，我可以看到我重定向的页面。

I try to use golang to login in a private area of a website and pull some info, but i don't quite seem to get it right. I manage to fetch the login page to get the csrf token, then i post the csrf token together with the login info to the login page and i login just fine. If i stop at this point, i can see the page where i am redirected. However, any subsequent calls from this point on will redirect me back to login.

代码

package main

import (
    "github.com/PuerkitoBio/goquery"
    "io"
    _ "io/ioutil"
    "log"
    "net/http"
    "net/url"
    _ "strings"
    "sync"
)

type Jar struct {
    sync.Mutex
    cookies map[string][]*http.Cookie
}

func NewJar() *Jar {
    jar := new(Jar)
    jar.cookies = make(map[string][]*http.Cookie)
    return jar
}

func (jar *Jar) SetCookies(u *url.URL, cookies []*http.Cookie) {
    jar.Lock()
    jar.cookies[u.Host] = cookies
    jar.Unlock()
}

func (jar *Jar) Cookies(u *url.URL) []*http.Cookie {
    return jar.cookies[u.Host]
}

func NewJarClient() *http.Client {
    return &http.Client{
        Jar: NewJar(),
    }
}

func fetch(w http.ResponseWriter, r *http.Request) {

    // create the client
    client := NewJarClient()

    // get the csrf token
    req, _ := http.NewRequest("GET", "http://www.domain.com/login", nil)
    resp, err := client.Do(req)
    if err != nil {
        log.Fatal(err)
    }

    doc, err := goquery.NewDocumentFromResponse(resp)
    if err != nil {
        log.Fatal(err)
    }

    csrfToken := ""
    if val, ok := doc.Find(`head meta[name="csrf-token-value"]`).Attr("content"); ok {
        csrfToken = val
    }

    // post on the login form.
    resp, _ = client.PostForm("http://www.domain.com/login", url.Values{
        "UserLogin[email]":    {"the email"},
        "UserLogin[password]": {"the password"},
        "csrf_token":          {csrfToken},
    })

    doc, err = goquery.NewDocumentFromResponse(resp)
    if err != nil {
        log.Fatal(err)
    }

    // if i stop here then i can see just fine the dashboard where i am redirected after login.
    // but if i continue and request a 3rd page, then i get the login page again,
    // sign that i lose the cookies and i am redirected back

    // html, _ := doc.Html()
    // io.WriteString(w, html)
    // return

    // from this point on, any request will give me the login page once again.
    // i am not sure why since the cookies should be set and sent on all requests
    req, _ = http.NewRequest("GET", "http://www.domain.com/dashboard", nil)
    resp, err = client.Do(req)
    if err != nil {
        log.Fatal(err)
    }

    doc, err = goquery.NewDocumentFromResponse(resp)
    if err != nil {
        log.Fatal(err)
    }

    html, _ := doc.Html()
    io.WriteString(w, html)
}

func main() {
    http.HandleFunc("/", fetch)
    http.ListenAndServe("127.0.0.1:49721", nil)
}

推荐答案

确定，问题是cookie的jar实现，更具体的SetCookies函数，现在是：

Ok, the issue is the cookie jar implementation, more specifically the SetCookies function, which right now is:

func (jar *Jar) SetCookies(u *url.URL, cookies []*http.Cookie) {
    jar.Lock()
    jar.cookies[u.Host] = cookies
    jar.Unlock()
}

这是错误的，因为新的cookie而不是被添加到现有的，它们将被添加为新的废弃旧的。

And this is wrong because new cookies instead of being added to the existing ones they will simply be added as new discarding the old ones.

似乎正确的方法是：

func (jar *Jar) SetCookies(u *url.URL, cookies []*http.Cookie) {
    jar.Lock()
    if _, ok := jar.cookies[u.Host]; ok {
        for _, c := range cookies {
            jar.cookies[u.Host] = append(jar.cookies[u.Host], c)
        }
    } else {
        jar.cookies[u.Host] = cookies
    }
    jar.Unlock()
}

这篇关于使用Golang登录到私人网站和拉信息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！