Back to Details

yida-login

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

宜搭登录态管理技能

Yida Login State Management Skill

概述

Overview

本技能提供宜搭平台的登录态管理能力,支持 Cookie 持久化和自动验证,首次使用需扫码登录,后续自动复用 Cookie。
This skill provides login state management capabilities for the Yida platform, supporting cookie persistence and automatic verification. A QR code login is required for the first use, and cookies will be reused automatically in subsequent uses.

何时使用

When to Use

当以下场景发生时使用此技能:
  • 首次使用宜搭技能,需要扫码登录
  • Cookie 过期或失效,需要重新登录
  • 其他技能调用时提示登录态异常
  • 用户要求手动执行登录
Use this skill in the following scenarios:
  • First-time use of Yida skills, requiring QR code login
  • Cookies expired or invalid, requiring re-login
  • Login state exception prompts when calling other skills
  • User requests manual login execution

使用示例

Usage Examples

示例 1:触发登录

Example 1: Trigger Login

场景:手动触发扫码登录 命令
bash
python3 .claude/skills/yida-login/scripts/login.py
输出
json
{"csrf_token":"b2a5d192-xxx","corp_id":"dingxxx","user_id":"1955225xxx","base_url":"https://abcd.aliwork.com"}
Scenario: Manually trigger QR code login Command:
bash
python3 .claude/skills/yida-login/scripts/login.py
Output:
json
{"csrf_token":"b2a5d192-xxx","corp_id":"dingxxx","user_id":"1955225xxx","base_url":"https://abcd.aliwork.com"}

示例 2:刷新 CSRF Token

Example 2: Refresh CSRF Token

场景:CSRF Token 失效但 Cookie 有效 命令
bash
python3 .claude/skills/yida-login/scripts/login.py --refresh-csrf
Scenario: CSRF Token is invalid but cookies are valid Command:
bash
python3 .claude/skills/yida-login/scripts/login.py --refresh-csrf

使用方式

Usage Method

bash
python3 .claude/skills/yida-login/scripts/login.py
无需任何参数,登录地址从项目根目录的 
config.json
中读取(
loginUrl
字段),登录后可能跳转到 
abcd.aliwork.com
等域名。
输出:登录成功后,将 
csrf_token
base_url
(跳转后的实际域名)和 Cookie 信息以 JSON 格式输出到 stdout,同时 Cookie 持久化到项目根目录的 
.cache/cookies.json
⚠️ 重要
base_url
取自登录成功后浏览器实际跳转到的域名,而非 
config.json
中配置的 
loginUrl
defaultBaseUrl
。例如,即使 
loginUrl
配置为 
https://www.aliwork.com
,如果你的账号所属组织对应的是 
abcd.aliwork.com
,平台会自动跳转,最终 
base_url
将是 
https://abcd.aliwork.com
。后续所有 API 请求(包括 
yida-publish
发布)都会使用这个 
base_url
。如需发布到特定域名,请确保 
config.json
中的 
loginUrl
指向该域名对应的组织,并且你的账号属于该组织。
项目根目录通过向上查找 
config.json
.git
目录来定位。
bash
python3 .claude/skills/yida-login/scripts/login.py
No parameters are required. The login address is read from the 
loginUrl
field in the 
config.json
file in the project root directory. After login, it may redirect to domains such as 
abcd.aliwork.com
.
Output: After successful login, 
csrf_token
, 
base_url
(the actual domain after redirection) and cookie information will be output to stdout in JSON format. Meanwhile, cookies will be persisted to 
.cache/cookies.json
in the project root directory.
⚠️ Important: 
base_url
is obtained from the actual domain the browser redirects to after login, not the 
loginUrl
or 
defaultBaseUrl
configured in 
config.json
. For example, even if 
loginUrl
is configured as 
https://www.aliwork.com
, if your account's organization corresponds to 
abcd.aliwork.com
, the platform will automatically redirect, and the final 
base_url
will be 
https://abcd.aliwork.com
. All subsequent API requests (including 
yida-publish
releases) will use this 
base_url
. To publish to a specific domain, ensure that the 
loginUrl
in 
config.json
points to the domain corresponding to that organization, and your account belongs to that organization.
The project root directory is located by searching upward for the 
config.json
or 
.git
directory.

工作流程

Workflow

  1. 检查本地是否存在 
    .cache/cookies.json
    缓存(包含 Cookie 和 
    base_url
  2. 若存在,直接从 Cookie 中提取 
    csrf_token
    tianshu_csrf_token
    )、
    corp_id
    user_id
    tianshu_corp_user
    ),无需访问任何页面
  3. 若 Cookie 中无 
    tianshu_csrf_token
    ,视为失效,打开有头浏览器让用户扫码登录
  4. 登录成功后直接从 Cookie 中提取所需信息,保存 Cookie 和 
    base_url
    (从登录后实际跳转的 URL 获取)
  1. Check if the 
    .cache/cookies.json
    cache (containing cookies and 
    base_url
    ) exists locally
  2. If it exists, directly extract 
    csrf_token
    (
    tianshu_csrf_token
    ), 
    corp_id
    and 
    user_id
    (
    tianshu_corp_user
    ) from the cookies without accessing any pages
  3. If 
    tianshu_csrf_token
    is not present in the cookies, it is considered invalid, and a headed browser will be opened for the user to scan the QR code to log in
  4. After successful login, extract the required information directly from the cookies, and save the cookies and 
    base_url
    (obtained from the actual redirected URL after login)

前置依赖

Prerequisites

  • Python 3.12+
  • playwright(
    pip install playwright && playwright install chromium
  • Python 3.12+
  • playwright(
    pip install playwright && playwright install chromium

文件结构

File Structure

yida-login/
├── SKILL.md           # 本文档
└── scripts/
    └── login.py       # 登录脚本

项目根目录/
├── config.json        # 全局配置(loginUrl、defaultBaseUrl)
└── .cache/
    └── cookies.json   # 登录态缓存(运行时自动生成,含 Cookie + base_url)
yida-login/
├── SKILL.md           # This document
└── scripts/
    └── login.py       # Login script

Project Root Directory/
├── config.json        # Global configuration (loginUrl, defaultBaseUrl)
└── .cache/
    └── cookies.json   # Login state cache (automatically generated at runtime, contains cookies + base_url)

输出格式

Output Format

脚本成功执行后,最后一行输出 JSON:
json
{
  "csrf_token": "b2a5d192-db90-484c-880f-9b48edd396d5",
  "corp_id": "ding9a0954b4f9d9d40ef5bf40eda33b7ba0",
  "user_id": "19552253733782",
  "base_url": "https://abcd.aliwork.com",
  "cookies": [...]
}
csrf_token
从 Cookie 
tianshu_csrf_token
的 value 中提取;
corp_id
user_id
从 Cookie 
tianshu_corp_user
的 value 中提取,格式为 
{corpId}_{userId}
,按最后一个 
_
分隔。
base_url
是登录后浏览器实际跳转到的域名(如 
https://abcd.aliwork.com
),可能与 
config.json
中的 
loginUrl
不同。其他脚本应使用此值作为 API 请求的基础地址,而非硬编码域名。
其他脚本可通过管道接收并解析 stdout 最后一行获取登录态信息。
After the script is successfully executed, the last line outputs JSON:
json
{
  "csrf_token": "b2a5d192-db90-484c-880f-9b48edd396d5",
  "corp_id": "ding9a0954b4f9d9d40ef5bf40eda33b7ba0",
  "user_id": "19552253733782",
  "base_url": "https://abcd.aliwork.com",
  "cookies": [...]
}
csrf_token
is extracted from the value of the cookie 
tianshu_csrf_token
; 
corp_id
and 
user_id
are extracted from the value of the cookie 
tianshu_corp_user
, which is in the format 
{corpId}_{userId}
, separated by the last 
_
.
base_url
is the actual domain the browser redirects to after login (e.g., 
https://abcd.aliwork.com
), which may differ from the 
loginUrl
in 
config.json
. Other scripts should use this value as the base address for API requests instead of hardcoding the domain.
Other scripts can receive and parse the last line of stdout via a pipe to obtain login state information.

缓存格式

Cache Format

.cache/cookies.json
文件格式(兼容旧版纯 Cookie 数组):
json
{
  "cookies": [...],
  "base_url": "https://abcd.aliwork.com"
}
csrf_token
corp_id
user_id
不存储在缓存中,每次启动时直接从 Cookie 列表中提取(
tianshu_csrf_token
tianshu_corp_user
字段)。
The format of the 
.cache/cookies.json
file (compatible with the old pure cookie array):
json
{
  "cookies": [...],
  "base_url": "https://abcd.aliwork.com"
}
csrf_token
, 
corp_id
, and 
user_id
are not stored in the cache; they are directly extracted from the cookie list (fields 
tianshu_csrf_token
and 
tianshu_corp_user
) each time the script starts.

全局配置

Global Configuration

所有脚本(
login.py
及各 JS 脚本)从项目根目录的 
config.json
读取配置,不再硬编码 URL:
json
{
  "loginUrl": "https://www.aliwork.com/workPlatform",
  "defaultBaseUrl": "https://www.aliwork.com"
}
字段说明
loginUrl
扫码登录页面地址(登录成功后平台可能自动跳转到其他域名)
defaultBaseUrl
API 请求的默认基础地址(仅当 
base_url
未从登录态中获取时作为兜底使用,正常流程不会用到)
All scripts (
login.py
and various JS scripts) read configurations from the 
config.json
file in the project root directory, and no longer hardcode URLs:
json
{
  "loginUrl": "https://www.aliwork.com/workPlatform",
  "defaultBaseUrl": "https://www.aliwork.com"
}
FieldDescription
loginUrl
QR code login page address (the platform may automatically redirect to another domain after successful login)
defaultBaseUrl
Default base address for API requests (only used as a fallback when 
base_url
cannot be obtained from the login state, and will not be used in normal processes)

错误处理机制

Error Handling Mechanism

各 skill 脚本通过解析接口响应体的 
errorCode
字段来判断登录态异常,并自动调用本技能处理:
errorCode含义处理方式
"TIANSHU_000030"
csrf 校验失败(csrf_token 过期)调用 
login.py --refresh-csrf
无头刷新 csrf_token,无需重新扫码
"307"
登录状态已过期(Cookie 失效)调用 
login.py
触发完整重新登录(可能需要扫码)
注意:错误判断基于响应体 JSON 的 
errorCode
字段,而非 HTTP 状态码。
Each skill script determines login state exceptions by parsing the 
errorCode
field in the interface response body, and automatically calls this skill for processing:
errorCodeMeaningHandling Method
"TIANSHU_000030"
CSRF verification failed (csrf_token expired)Call 
login.py --refresh-csrf
to refresh the csrf_token headlessly without requiring re-scanning the QR code
"307"
Login state has expired (cookies invalid)Call 
login.py
to trigger a full re-login (may require QR code scanning)
Note: Error judgment is based on the 
errorCode
field in the response body JSON, not the HTTP status code.

退出登录

Logout

清空本地 Cookie 缓存文件内容即可完成退出,下次调用任意技能时将自动触发重新扫码登录:
bash
echo -n "" > .cache/cookies.json
适用场景
  • 需要切换账号或切换组织
  • Cookie 失效且无法自动刷新
  • 用户主动要求退出登录
注意:Cookie 缓存文件位于项目根目录(含 
README.md
.git
的目录)的 
.cache/
目录下。退出登录不影响已部署的页面和已保存的数据。
Clear the content of the local cookie cache file to complete logout. The next time any skill is called, it will automatically trigger re-login via QR code:
bash
echo -n "" > .cache/cookies.json
Applicable Scenarios:
  • Need to switch accounts or organizations
  • Cookies are invalid and cannot be refreshed automatically
  • User actively requests to log out
Note: The cookie cache file is located in the 
.cache/
directory of the project root directory (the directory containing 
README.md
or 
.git
). Logging out does not affect deployed pages or saved data.

与其他技能配合

Coordination with Other Skills

  • 退出登录:需要切换账号或 Cookie 失效时,执行上方「退出登录」命令后重新运行任意技能即可触发扫码登录
  • yida-publish
    :发布时自动调用本技能获取登录态
  • yida-create-app
    yida-create-page
    yida-create-form-page
    :通过管道将本技能输出传入
  • Logout: When you need to switch accounts or cookies are invalid, execute the above "Logout" command and then re-run any skill to trigger QR code login
  • yida-publish
    : Automatically calls this skill to obtain login state during publishing
  • yida-create-app
    , 
    yida-create-page
    , 
    yida-create-form-page
    : Pass the output of this skill via a pipe