Fix qianwen csrf token

wong2 · wong2 · commit 3a029f22acd1 · 2023-09-06T11:23:14.000+08:00
diff --git a/src/app/bots/qianwen/api.ts b/src/app/bots/qianwen/api.ts
@@ -10,12 +10,12 @@ interface CreationResponse {
   errorCode: string | null
 }
 
-export async function createConversation(firstQuery: string) {
+export async function createConversation(firstQuery: string, csrfToken: string) {
   const resp = await ofetch<CreationResponse>('https://qianwen.aliyun.com/addSession', {
     method: 'POST',
     body: { firstQuery },
     headers: {
-      'X-Xsrf-Token': '7a3dae93-1d29-4eb6-9940-34efad5a2b78',
+      'X-Xsrf-Token': csrfToken,
     },
   })
   if (!resp.success) {
@@ -26,3 +26,17 @@ export async function createConversation(firstQuery: string) {
   }
   return resp.data.sessionId
 }
+
+function extractVariable(variableName: string, html: string) {
+  const regex = new RegExp(`${variableName}\\s?=\\s?"([^"]+)"`)
+  const match = regex.exec(html)
+  if (!match) {
+    throw new Error('Failed to get csrfToken')
+  }
+  return match[1]
+}
+
+export async function getCsrfToken() {
+  const html = await ofetch('https://qianwen.aliyun.com', { parseResponse: (t) => t })
+  return extractVariable('csrfToken', html)
+}
diff --git a/src/app/bots/qianwen/index.ts b/src/app/bots/qianwen/index.ts
@@ -2,7 +2,7 @@ import { parseSSEResponse } from '~utils/sse'
 import { AbstractBot, SendMessageParams } from '../abstract-bot'
 import { requestHostPermission } from '~app/utils/permissions'
 import { ChatError, ErrorCode } from '~utils/errors'
-import { createConversation } from './api'
+import { createConversation, getCsrfToken } from './api'
 import { uuid } from '~utils'
 
 function generateMessageId() {
@@ -11,6 +11,7 @@ function generateMessageId() {
 
 interface ConversationContext {
   conversationId: string
+  csrfToken: string
   lastMessageId?: string
 }
 
@@ -23,16 +24,17 @@ export class QianwenWebBot extends AbstractBot {
     }
 
     if (!this.conversationContext) {
-      const conversationId = await createConversation(params.prompt)
-      this.conversationContext = { conversationId }
+      const csrfToken = await getCsrfToken()
+      const conversationId = await createConversation(params.prompt, csrfToken)
+      this.conversationContext = { conversationId, csrfToken }
     }
 
     const resp = await fetch('https://qianwen.aliyun.com/conversation', {
       method: 'POST',
       signal: params.signal,
       headers: {
         'Content-Type': 'application/json',
-        'X-Xsrf-Token': '7a3dae93-1d29-4eb6-9940-34efad5a2b78',
+        'X-Xsrf-Token': this.conversationContext.csrfToken,
       },
       body: JSON.stringify({
         action: 'next',
