What's the secret hidden in Taobao code shared with wechat friends

It's going to be my birthday soon. I try to find the same gift I like on Taobao. Click the top right corner to share her wechat to see if she can read my careful thinking. This sharing process involves a "random code" (taopassword, which will be called as taopassword in the future). Don't underestimate this taopassword, which contains a lot of information. Today is mainly to share why Taobao shares the password of Taobao? What information does the password contain? And analyze how the tool is made.

This is a series of articles, involving the use and production of Taoke tools. Later, we will complete the development of a whole set of tools. Welcome to collect and watch the whole series. Link information may be involved in this article. It is only used for program explanation and demonstration, and cannot directly reach the specific product address. The QR code address on the picture has been mosaic processed.

Why is it garbled code (password searching)

As for the following text shared from Taobao, in addition to being able to understand the questions in brackets, can you guess that the other texts are also inseparable from each other? This so-called garbled text is the password of Amoy.

[hand shredded plain meat and dried tofu, 100 packages of plain steak, small package, spicy bar, leisure, delicious and inexpensive snacks] Click "link" and select "Browse", "HvpZYBM7U6D", and then "Browse", "

Wechat has a lot of restrictions on sharing, with which we can not be disturbed by too much information sharing. With restrictions, we need to recognize the above Mars like garbled code. Why can't wechat limit the garbled code? In fact, it can also be limited. In last year, there was a period of feedback from Taoists, and taopassword was also limited to share. But for chat content, it's easy to get hurt.

What's in the password

In fact, the Chinese characters or symbols you know or don't know in the above paragraph are all modifier words, and the key information in them is only the "HvpZYBM7U6D ," taopassword, which is similar to the link, but also can be called short link. In the password, the product link, product title and other information can be found. Here we use the code to identify the password. Take a look at the code?

const { TopClient: ApiClient } = require('./lib/api/topClient.js'); // Official download to SDK

/**
 * Configure KEY SECRET according to your actual situation
 */
const client = new ApiClient({
    'appkey': APP_KEY,
    'appsecret': APP_SECRET,
    'REST_URL': 'http://gw.api.taobao.com/router/rest'
});

const tpwdQuery = tpwd => {
    return new Promise((resolve, reject) => {
        client.execute('taobao.wireless.share.tpwd.query', {
            'password_content': tpwd
        }, (err, response) => {
            if (!err) {
                resolve(response)
            } else {
                reject(err);
            }
        })
    })   
}

tpwdQuery('¢HvpZYBM7U6D¢')
    .then(res => {
        /**
         * content: Product title
         * native_url: Taobao Schema address
         * pic_url: Commodity master plan
         * thumb_pic_url: Thumbnail of product main map
         * url: Product link (non product original link)
         */
        console.log(res);
    })

Through code analysis, we can see the picture link and title picture of the product, but the product link here is not the original link. The above link resolves to get a link that can be used for internal coupons. The link obtained through this resolution can get a coupon. Here we mainly talk about how to get the original link of the product by continuing to analyze the parameter content.

In order to get the original link, we need to simulate the url generated by requesting the password resolution. Here we use the request package used in the sdk.


const request = require('request');

/**
 * Simulation request for product details link
 */
function getDetailUrl(url, referer) {
    let options = {
        url,
        headers: {
            'User-Agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1',
        }
    }
    referer && (options.headers.Referer = referer);
    return new Promise((resolve, reject) => {
        request(options, (err, response) => {
            if (!err) {
                resolve(response)
            } else {
                reject(err);
            }
        })
    })
}

/**
 * Get the original link https?://detail(\.m)?\.taobao|tmall\.com
 */

const getOriginUrl = tpwd => {
    return tpwdQuery(tpwd)
        .then(response => {
            // By parsing the URL of the password, continue to parse to get the product's own address
            return getDetailUrl(response.url)

        })
        .then(response => {
            const url = response.request.uri.href;
            // s.click address
            if (/s\.click\./.test(url)) {
                try {
                    const nextUrl = response.body.match(/(?<=var real_jump_address = ').*(?=')/)[0].replace(/amp;/g, '');
                    return getDetailUrl(nextUrl, url)
                        .then(response => {
                            return response.request.uri.href;
                        });
                } catch (e) {
                    return Promise.reject(e);
                }
            }
            return url;
        })
        .then(url => {
            return url;
        })

}


getOriginUrl('¢HvpZYBM7U6D¢')
    .then(res => {
        console.log(url); // Here is the original link of the product
    })

There is a problem in the above code, that is, the analysis of uland.taobao.com can't get the product information directly. The information in this can be explained in detail later when making another tool. Here, it's just the analysis of the common password and the non receipt order.

What is the purpose of the tool

Part of the function is that we have parsed the password to get the product link. The sorting function is that we can get whether there is internal voucher and rebate information of this product by conducting a directional query through the product link. That's why I make tools. If you are studying the tool making, or you are looking for an automatic promotion tool that suits you, or you want to use it Tools, you can experience the tools we developed tonight through the demo address in the picture below.

Follow up plan

Later, we will introduce that if you can query the discount information automatically through the product link, you can understand how this process comes to ordinary users, and developers can learn from the ideas in it to implement a tool of their own. If you are interested, you can click follow-up or collection to update the follow-up production process regularly.

Tags: node.js SDK REST Mac OS X

Posted on Mon, 09 Dec 2019 19:54:38 -0500 by nmohamm