From 28da98d102c0feee8db63f8fcc70cf94c9dbefd3 Mon Sep 17 00:00:00 2001
From: binaryify <binaryify@gmail.com>
Date: Thu, 24 Mar 2022 18:10:29 +0800
Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=8E=A5=E5=8F=A3=E6=9B=B4?=
 =?UTF-8?q?=E6=96=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/README.md            |  4 ++++
 module/login.js           | 20 ++++++++------------
 module/login_cellphone.js |  3 ++-
 3 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/docs/README.md b/docs/README.md
index 7b1cd2d..91d2237 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -416,6 +416,8 @@ $ sudo docker run -d -p 3000:3000 netease-music-api
 存结果的接口 , 可在请求 url 后面加一个时间戳参数使 url 不同 , 例子 :
 `/simi/playlist?id=347230&timestamp=1503019930000` (之所以加入缓存机制是因为项目早期没有缓存机制，很多 issues 都是报 IP 高频，请按自己需求改造缓存中间件(app.js)，源码不复杂)
 
+!> 不要频繁调登录接口,不然可能会被风控,登录状态还存在就不要重复调登录接口
+
 !> 如果是跨域请求 , 请在所有请求带上 `xhrFields: { withCredentials: true }` (axios 为 `withCredentials: true`, Fetch API 为 `fetch(url, { credentials: 'include' })`), 或直接手动传入 cookie (参见 `登录`), 否则
 可能会因为没带上 cookie 导致 301, 具体例子可看 `public/test.html`, 访问`http://localhost:3000/test.html`(默认端口的话) 例子使用 jQuery 和 axios
 
@@ -439,6 +441,8 @@ $ sudo docker run -d -p 3000:3000 netease-music-api
 
 说明 : 登录有三个接口,建议使用`encodeURIComponent`对密码编码或者使用`POST`请求,避免某些特殊字符无法解析,如`#`(`#`在 url 中会被识别为 hash,而不是 query)
 
+不要频繁调登录接口,不然可能会被风控,登录状态还存在就不要重复调登录接口
+
 #### 1. 手机登录
 
 **必选参数 :**  
diff --git a/module/login.js b/module/login.js
index 44787ce..085b189 100644
--- a/module/login.js
+++ b/module/login.js
@@ -4,6 +4,7 @@ const crypto = require('crypto')
 
 module.exports = async (query, request) => {
   query.cookie.os = 'pc'
+  query.cookie.appver = '2.9.7'
   const data = {
     username: query.email,
     password:
@@ -11,18 +12,13 @@ module.exports = async (query, request) => {
       crypto.createHash('md5').update(query.password).digest('hex'),
     rememberLogin: 'true',
   }
-  let result = await request(
-    'POST',
-    `https://music.163.com/weapi/login`,
-    data,
-    {
-      crypto: 'weapi',
-      ua: 'pc',
-      cookie: query.cookie,
-      proxy: query.proxy,
-      realIP: query.realIP,
-    },
-  )
+  let result = await request('POST', `https://music.163.com/api/login`, data, {
+    crypto: 'weapi',
+    ua: 'pc',
+    cookie: query.cookie,
+    proxy: query.proxy,
+    realIP: query.realIP,
+  })
   if (result.body.code === 502) {
     return {
       status: 200,
diff --git a/module/login_cellphone.js b/module/login_cellphone.js
index a66b592..7e5020c 100644
--- a/module/login_cellphone.js
+++ b/module/login_cellphone.js
@@ -4,6 +4,7 @@ const crypto = require('crypto')
 
 module.exports = async (query, request) => {
   query.cookie.os = 'pc'
+  query.cookie.appver = '2.9.7'
   const data = {
     phone: query.phone,
     countrycode: query.countrycode || '86',
@@ -16,7 +17,7 @@ module.exports = async (query, request) => {
   }
   let result = await request(
     'POST',
-    `https://music.163.com/weapi/login/cellphone`,
+    `https://music.163.com/api/login/cellphone`,
     data,
     {
       crypto: 'weapi',