Add act cookie on login

fbchat-dev · Jun 14, 2020 · d650946 · d650946
1 parent 8ac6dc4
commit d650946
Showing 1 changed file with 29 additions and 8 deletions.
diff --git a/fbchat/_session.py b/fbchat/_session.py
@@ -107,6 +107,10 @@ def session_factory() -> requests.Session:
     return session
 
 
+def login_cookies(at: datetime.datetime):
+    return {"act": "{}/0".format(_util.datetime_to_millis(at))}
+
+
 def client_id_factory() -> str:
     return hex(int(random.random() * 2 ** 31))[2:]
 
@@ -143,23 +147,29 @@ def two_factor_helper(session: requests.Session, r, on_2fa_callback):
     while "approvals_code" in data:
         data["approvals_code"] = on_2fa_callback()
         log.info("Submitting 2FA code")
-        r = session.post(url, data=data, allow_redirects=False)
+        r = session.post(
+            url, data=data, allow_redirects=False, cookies=login_cookies(_util.now())
+        )
         log.debug("2FA location: %s", r.headers.get("Location"))
         url, data = find_form_request(r.content.decode("utf-8"))
 
     # TODO: Can be missing if checkup flow was done on another device in the meantime?
     if "name_action_selected" in data:
         data["name_action_selected"] = "save_device"
         log.info("Saving browser")
-        r = session.post(url, data=data, allow_redirects=False)
+        r = session.post(
+            url, data=data, allow_redirects=False, cookies=login_cookies(_util.now())
+        )
         log.debug("2FA location: %s", r.headers.get("Location"))
         url = r.headers.get("Location")
         if url and url.startswith("https://www.messenger.com/login/auth_token/"):
             return url
         url, data = find_form_request(r.content.decode("utf-8"))
 
     log.info("Starting Facebook checkup flow")
-    r = session.post(url, data=data, allow_redirects=False)
+    r = session.post(
+        url, data=data, allow_redirects=False, cookies=login_cookies(_util.now())
+    )
     log.debug("2FA location: %s", r.headers.get("Location"))
 
     url, data = find_form_request(r.content.decode("utf-8"))
@@ -172,15 +182,19 @@ def two_factor_helper(session: requests.Session, r, on_2fa_callback):
     data["submit[This was me]"] = "[any value]"
     del data["submit[This wasn't me]"]
     log.info("Verifying login attempt")
-    r = session.post(url, data=data, allow_redirects=False)
+    r = session.post(
+        url, data=data, allow_redirects=False, cookies=login_cookies(_util.now())
+    )
     log.debug("2FA location: %s", r.headers.get("Location"))
 
     url, data = find_form_request(r.content.decode("utf-8"))
     if "name_action_selected" not in data:
         raise _exception.ParseError("Could not fill out form properly (3)", data=data)
     data["name_action_selected"] = "save_device"
     log.info("Saving device again")
-    r = session.post(url, data=data, allow_redirects=False)
+    r = session.post(
+        url, data=data, allow_redirects=False, cookies=login_cookies(_util.now())
+    )
     log.debug("2FA location: %s", r.headers.get("Location"))
     return r.headers.get("Location")
 
@@ -296,6 +310,7 @@ def login(
                 "https://www.messenger.com/login/password/",
                 data=data,
                 allow_redirects=False,
+                cookies=login_cookies(_util.now()),
             )
         except requests.RequestException as e:
             _exception.handle_requests_error(e)
@@ -319,18 +334,24 @@ def login(
             if not url.startswith("https://www.facebook.com/checkpoint/start/"):
                 raise _exception.ParseError("Failed 2fa flow (1)", data=url)
 
-            r = session.get(url, allow_redirects=False)
+            r = session.get(
+                url, allow_redirects=False, cookies=login_cookies(_util.now())
+            )
             url = r.headers.get("Location")
             if not url or not url.startswith("https://www.facebook.com/checkpoint/"):
                 raise _exception.ParseError("Failed 2fa flow (2)", data=url)
 
-            r = session.get(url, allow_redirects=False)
+            r = session.get(
+                url, allow_redirects=False, cookies=login_cookies(_util.now())
+            )
             url = two_factor_helper(session, r, on_2fa_callback)
 
             if not url.startswith("https://www.messenger.com/login/auth_token/"):
                 raise _exception.ParseError("Failed 2fa flow (3)", data=url)
 
-            r = session.get(url, allow_redirects=False)
+            r = session.get(
+                url, allow_redirects=False, cookies=login_cookies(_util.now())
+            )
             url = r.headers.get("Location")
 
         if url != "https://www.messenger.com/":