Skip to content

Instantly share code, notes, and snippets.

Last active July 25, 2021 19:25
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do? automatic password login flow for scraping posts/images
const forge = require('node-forge')
const fetch = require('node-fetch')
const publicKey = `-----BEGIN RSA PUBLIC KEY-----
const key = forge.pki.publicKeyFromPem(publicKey);
const encryptedPassword = key.encrypt("your-password-here", 'RSA-OAEP')
const data = await fetch("", {
method: "POST",
body: JSON.stringify({
grant_type: "password",
client_id: "weverse-test",
username: "",
password: encryptedPassword
}).then(res => res.json())
// the auth token expires every 6 months
// the refresh token expires every 1 year so you have to redo this login flow once a year
// NOTE: if you log into the account you're automating you will invalidate your existing token
// when your auth token expires you can refresh it with an existing refresh token
const nextData = await fetch("", {
method: "POST",
body: JSON.stringify({
grant_type: "refresh_token",
client_id: "weverse-test",
refresh_token: data.refresh_token
}).then(res => res.json())
/// ------------- IMPORTANT ---------------
/// DO NOT try to login to "weverse". Always login to "weverse-test" otherwise you will get locked out from logging in.
/// At least I got locked out lol so I guess it's not supported
/// ------------- IMPORTANT ---------------
// this public key is hardcoded in the client side bundle but it may change in the future, if you want to be safe
// and fetch it dynamically you need to write code that will:
// 1. go to (yes I know weverse-test lol)
// 2. search for the dynamically included script in the root `<script src="/static/js/main.[chunkhash].js"></script>`
// 3. regex search the included chunk for `-----BEGIN RSA PUBLIC KEY-----(.|\n)+----END RSA PUBLIC KEY-----`
// hi weverse team if you're reading this I love you I'm not abusing your service I promise
// I just want to look at pics of kpop girls but you don't provide webhooks for new posts :(
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment