mirror of
https://github.com/HChaZZY/PiliPlus.git
synced 2025-12-06 09:13:48 +08:00
mod: csrf
This commit is contained in:
My-Responsitories
@@ -1,4 +1,5 @@
|
||||
import 'package:PiliPlus/http/loading_state.dart';
|
||||
import 'package:PiliPlus/utils/storage.dart';
|
||||
|
||||
import '../models/user/black.dart';
|
||||
import 'index.dart';
|
||||
@@ -11,7 +12,7 @@ class BlackHttp {
|
||||
'ps': ps ?? 50,
|
||||
're_version': 0,
|
||||
'jsonp': 'jsonp',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
});
|
||||
if (res.data['code'] == 0) {
|
||||
BlackListDataModel data = BlackListDataModel.fromJson(res.data['data']);
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import 'package:PiliPlus/grpc/dm/v1/dm.pb.dart';
|
||||
import 'package:PiliPlus/grpc/grpc_repo.dart';
|
||||
import 'package:PiliPlus/utils/storage.dart';
|
||||
import 'package:dio/dio.dart';
|
||||
import 'index.dart';
|
||||
|
||||
@@ -83,7 +84,7 @@ class DanmakuHttp {
|
||||
'rnd': DateTime.now().microsecondsSinceEpoch,
|
||||
'colorful': colorful == true ? 60001 : null,
|
||||
'checkbox_type': checkbox_type,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
// 'access_key': access_key,
|
||||
}..removeWhere((key, value) => value == null);
|
||||
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import '../models/user/danmaku_block.dart';
|
||||
import '../utils/storage.dart';
|
||||
import 'index.dart';
|
||||
|
||||
class DanmakuFilterHttp {
|
||||
@@ -22,7 +23,7 @@ class DanmakuFilterHttp {
|
||||
Api.danmakuFilterDel,
|
||||
queryParameters: {
|
||||
'ids': ids,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
@@ -45,7 +46,7 @@ class DanmakuFilterHttp {
|
||||
queryParameters: {
|
||||
'type': type,
|
||||
'filter': filter,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
|
||||
@@ -67,7 +67,7 @@ class DynamicsHttp {
|
||||
queryParameters: {
|
||||
'dynamic_id': dynamicId,
|
||||
'up': up,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
@@ -125,7 +125,7 @@ class DynamicsHttp {
|
||||
var res = await Request().post(
|
||||
Api.setTopDyn,
|
||||
queryParameters: {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
data: {
|
||||
'dyn_str': dynamicId,
|
||||
|
||||
@@ -61,11 +61,6 @@ class Request {
|
||||
}
|
||||
}
|
||||
|
||||
// 从cookie中获取 csrf token
|
||||
static Future<String> getCsrf() async {
|
||||
return Accounts.main.csrf;
|
||||
}
|
||||
|
||||
// static Future<void> buvidActive(Account account) async {
|
||||
// // 这样线程不安全, 但仍按预期进行
|
||||
// if (account.activited) return;
|
||||
|
||||
@@ -4,6 +4,7 @@ import 'package:PiliPlus/models/live/danmu_info.dart';
|
||||
import 'package:PiliPlus/models/live/follow.dart';
|
||||
import 'package:PiliPlus/models/live/live_emoticons/data.dart';
|
||||
import 'package:PiliPlus/models/live/live_emoticons/datum.dart';
|
||||
import 'package:PiliPlus/utils/storage.dart';
|
||||
import 'package:PiliPlus/utils/wbi_sign.dart';
|
||||
import 'package:dio/dio.dart';
|
||||
import '../models/live/item.dart';
|
||||
@@ -42,7 +43,7 @@ class LiveHttp {
|
||||
}
|
||||
|
||||
static Future sendLiveMsg({roomId, msg, dmType, emoticonOptions}) async {
|
||||
dynamic csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
var res = await Request().post(
|
||||
Api.sendLiveMsg,
|
||||
data: FormData.fromMap({
|
||||
|
||||
@@ -42,7 +42,7 @@ class MemberHttp {
|
||||
'mid': mid,
|
||||
'reason': reason,
|
||||
if (reasonV2 != null) 'reason_v2': reasonV2,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
),
|
||||
);
|
||||
@@ -476,7 +476,7 @@ class MemberHttp {
|
||||
isAdd ? Api.addSpecial : Api.delSpecial,
|
||||
data: {
|
||||
'fid': fid,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -499,7 +499,7 @@ class MemberHttp {
|
||||
data: {
|
||||
'fids': fids,
|
||||
'tagids': tagids ?? '0',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
// 'cross_domain': true
|
||||
},
|
||||
options: Options(
|
||||
|
||||
@@ -6,6 +6,7 @@ import 'package:PiliPlus/models/msg/msgfeed_like_me.dart';
|
||||
import 'package:PiliPlus/models/msg/msgfeed_reply_me.dart';
|
||||
import 'package:PiliPlus/models/msg/msgfeed_sys_msg.dart';
|
||||
import 'package:PiliPlus/pages/dynamics/view.dart' show ReplyOption;
|
||||
import 'package:PiliPlus/utils/storage.dart';
|
||||
import 'package:dio/dio.dart';
|
||||
import 'package:flutter/material.dart';
|
||||
import 'package:uuid/uuid.dart';
|
||||
@@ -85,7 +86,7 @@ class MsgHttp {
|
||||
}
|
||||
|
||||
static Future msgSysUpdateCursor(int cursor) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
var res = await Request().get(Api.msgSysUpdateCursor, queryParameters: {
|
||||
'csrf': csrf,
|
||||
'cursor': cursor,
|
||||
@@ -125,7 +126,7 @@ class MsgHttp {
|
||||
ReplyOption? replyOption,
|
||||
int? privatePub,
|
||||
}) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
var res = await Request().post(
|
||||
Api.createDynamic,
|
||||
queryParameters: {
|
||||
@@ -204,7 +205,7 @@ class MsgHttp {
|
||||
'bucket': bucket,
|
||||
'file': await MultipartFile.fromFile(path),
|
||||
'dir': dir,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
}),
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
@@ -231,7 +232,7 @@ class MsgHttp {
|
||||
'file_up': file,
|
||||
if (category != null) 'category': category,
|
||||
if (biz != null) 'biz': biz,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
};
|
||||
var res = await Request().post(
|
||||
Api.uploadBfs,
|
||||
@@ -254,7 +255,7 @@ class MsgHttp {
|
||||
static Future createTextDynamic(
|
||||
dynamic content,
|
||||
) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map<String, dynamic> data = await WbiSign.makSign({
|
||||
'dynamic_id': 0,
|
||||
'type': 4,
|
||||
@@ -280,7 +281,7 @@ class MsgHttp {
|
||||
static Future removeDynamic(
|
||||
dynamic dynamicId,
|
||||
) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map<String, dynamic> data = await WbiSign.makSign({
|
||||
'dynamic_id': dynamicId,
|
||||
'csrf_token': csrf,
|
||||
@@ -303,7 +304,7 @@ class MsgHttp {
|
||||
static Future removeMsg(
|
||||
dynamic talkerId,
|
||||
) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map<String, dynamic> data = await WbiSign.makSign({
|
||||
'talker_id': talkerId,
|
||||
'session_type': 1,
|
||||
@@ -327,7 +328,7 @@ class MsgHttp {
|
||||
int tp,
|
||||
dynamic id,
|
||||
) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
var res = await Request().post(
|
||||
Api.delMsgfeed,
|
||||
data: {
|
||||
@@ -355,7 +356,7 @@ class MsgHttp {
|
||||
static Future delSysMsg(
|
||||
dynamic id,
|
||||
) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
var res = await Request().post(
|
||||
HttpString.messageBaseUrl + Api.delSysMsg,
|
||||
queryParameters: {
|
||||
@@ -384,7 +385,7 @@ class MsgHttp {
|
||||
required dynamic talkerId,
|
||||
required int opType,
|
||||
}) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map<String, dynamic> data = await WbiSign.makSign({
|
||||
'talker_id': talkerId,
|
||||
'session_type': 1,
|
||||
@@ -485,7 +486,7 @@ class MsgHttp {
|
||||
int? talkerId,
|
||||
int? ackSeqno,
|
||||
}) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map params = await WbiSign.makSign({
|
||||
'talker_id': talkerId,
|
||||
'session_type': 1,
|
||||
@@ -519,7 +520,7 @@ class MsgHttp {
|
||||
int? msgType,
|
||||
dynamic content,
|
||||
}) async {
|
||||
String csrf = await Request.getCsrf();
|
||||
String csrf = Accounts.main.csrf;
|
||||
Map<String, dynamic> base = {
|
||||
'msg[sender_uid]': senderUid,
|
||||
'msg[receiver_id]': receiverId,
|
||||
|
||||
@@ -234,7 +234,7 @@ class ReplyHttp {
|
||||
'pn': pageNum,
|
||||
'type': type,
|
||||
'sort': 1,
|
||||
if (isLogin) 'csrf': await Request.getCsrf(),
|
||||
if (isLogin) 'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: isLogin.not ? _options : null,
|
||||
);
|
||||
@@ -342,7 +342,7 @@ class ReplyHttp {
|
||||
'oid': oid,
|
||||
'rpid': rpid,
|
||||
'action': action,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -369,7 +369,7 @@ class ReplyHttp {
|
||||
'oid': oid,
|
||||
'rpid': rpid,
|
||||
'action': action,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
@@ -406,7 +406,7 @@ class ReplyHttp {
|
||||
'type': type,
|
||||
'rpid': rpid,
|
||||
'action': isUpTop ? 0 : 1,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import 'package:PiliPlus/http/loading_state.dart';
|
||||
import 'package:PiliPlus/models/video/later.dart';
|
||||
import 'package:PiliPlus/utils/global_data.dart';
|
||||
import 'package:PiliPlus/utils/storage.dart';
|
||||
import 'package:PiliPlus/utils/utils.dart';
|
||||
import 'package:PiliPlus/utils/wbi_sign.dart';
|
||||
import 'package:dio/dio.dart';
|
||||
@@ -71,7 +72,7 @@ class UserHttp {
|
||||
}) async {
|
||||
Map<String, dynamic> data = {
|
||||
'sort': sort.join(','),
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
};
|
||||
Utils.appSign(data);
|
||||
var res = await Request().post(
|
||||
@@ -95,7 +96,7 @@ class UserHttp {
|
||||
Map<String, dynamic> data = {
|
||||
'media_id': mediaId,
|
||||
'sort': sort.join(','),
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
};
|
||||
Utils.appSign(data);
|
||||
var res = await Request().post(
|
||||
@@ -120,7 +121,7 @@ class UserHttp {
|
||||
data: {
|
||||
'media_id': mediaId,
|
||||
'platform': 'web',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -140,7 +141,7 @@ class UserHttp {
|
||||
data: {
|
||||
'media_ids': mediaIds.join(','),
|
||||
'platform': 'web',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -166,7 +167,7 @@ class UserHttp {
|
||||
'intro': intro,
|
||||
'privacy': privacy,
|
||||
'cover': cover.isNotEmpty ? Uri.encodeFull(cover) : cover,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
if (mediaId != null) 'media_id': mediaId,
|
||||
},
|
||||
options: Options(
|
||||
@@ -284,7 +285,7 @@ class UserHttp {
|
||||
queryParameters: {
|
||||
'switch': switchStatus,
|
||||
'jsonp': 'jsonp',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
return res;
|
||||
@@ -306,7 +307,7 @@ class UserHttp {
|
||||
Api.clearHistory,
|
||||
queryParameters: {
|
||||
'jsonp': 'jsonp',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
return res;
|
||||
@@ -314,7 +315,7 @@ class UserHttp {
|
||||
|
||||
// 稍后再看
|
||||
static Future toViewLater({String? bvid, dynamic aid}) async {
|
||||
var data = {'csrf': await Request.getCsrf()};
|
||||
var data = {'csrf': Accounts.main.csrf};
|
||||
if (bvid != null) {
|
||||
data['bvid'] = bvid;
|
||||
} else if (aid != null) {
|
||||
@@ -334,7 +335,7 @@ class UserHttp {
|
||||
// 移除已观看
|
||||
static Future toViewDel({required List<int?> aids}) async {
|
||||
final Map<String, dynamic> params = {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
'resources': aids.join(',')
|
||||
};
|
||||
dynamic res = await Request().post(
|
||||
@@ -374,7 +375,7 @@ class UserHttp {
|
||||
Api.toViewClear,
|
||||
queryParameters: {
|
||||
if (cleanType != null) 'clean_type': cleanType,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
if (res.data['code'] == 0) {
|
||||
@@ -391,7 +392,7 @@ class UserHttp {
|
||||
data: {
|
||||
'kid': kidList.join(','),
|
||||
'jsonp': 'jsonp',
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -524,7 +525,7 @@ class UserHttp {
|
||||
Api.addFavArticle,
|
||||
data: {
|
||||
'id': id,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -544,7 +545,7 @@ class UserHttp {
|
||||
Api.delFavArticle,
|
||||
data: {
|
||||
'id': id,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
options: Options(
|
||||
contentType: Headers.formUrlEncodedContentType,
|
||||
@@ -564,7 +565,7 @@ class UserHttp {
|
||||
var res = await Request().post(
|
||||
Api.communityAction,
|
||||
queryParameters: {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
data: {
|
||||
"entity": {
|
||||
@@ -609,7 +610,7 @@ class UserHttp {
|
||||
Api.unfavFolder,
|
||||
queryParameters: {
|
||||
'media_id': id,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
} else {
|
||||
@@ -618,7 +619,7 @@ class UserHttp {
|
||||
queryParameters: {
|
||||
'platform': 'web',
|
||||
'season_id': id,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
);
|
||||
}
|
||||
|
||||
@@ -823,7 +823,7 @@ class VideoHttp {
|
||||
await Request().post(
|
||||
Api.roomEntryAction,
|
||||
queryParameters: {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
data: {
|
||||
'room_id': roomId,
|
||||
|
||||
@@ -437,7 +437,7 @@ class AuthorPanel extends StatelessWidget {
|
||||
final res = await Request().post(
|
||||
'/x/dynamic/feed/dynamic_report/add',
|
||||
queryParameters: {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
data: {
|
||||
"accused_uid": item.modules.moduleAuthor.mid,
|
||||
|
||||
@@ -470,7 +470,7 @@ class _EditProfilePageState extends State<EditProfilePage> {
|
||||
.post(
|
||||
'/x/member/web/face/update',
|
||||
queryParameters: {
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
},
|
||||
data: FormData.fromMap({
|
||||
'dopost': 'save',
|
||||
|
||||
@@ -1104,7 +1104,7 @@ class ReplyItemGrpc extends StatelessWidget {
|
||||
'/x/v2/reply/report',
|
||||
data: {
|
||||
'add_blacklist': banUid,
|
||||
'csrf': await Request.getCsrf(),
|
||||
'csrf': Accounts.main.csrf,
|
||||
'gaia_source': 'main_h5',
|
||||
'oid': item.oid,
|
||||
'platform': 'android',
|
||||
|
||||
Reference in New Issue
Block a user