I tried to reverse engineer the site by sending POST requests to “https://{hostUrl}/topics/timings” with content-type, csrf token, and user-agent.
Here is what the body (json) looks like:
payload = {
"topic_id": topic_id,
"topic_time": post_count * 60000,
"timings": timings
}
It returns a status code of 200 but the read history never changes at https://{hostUrl}/u/USERNAME/activity/read
I tried to look into this post but it wasn’t much help:
Here is a good amount of the code:
def get_csrf(session):
r = session.get(f"https://{hostUrl}/session/csrf.json")
if r.status_code != 200:
raise RuntimeError("Failed to get CSRF")
data = r.json()
if "csrf" not in data:
raise RuntimeError("No CSRF in response")
return data["csrf"]
def load_topics(session, page):
print(f"[Topics] Page {page}")
r = session.get(
f"https://{hostUrl}/latest.json?page={page}"
)
if r.status_code != 200:
return []
data = r.json()
return [
{
"id": t["id"],
"posts_count": t["posts_count"]
}
for t in data["topic_list"]["topics"]
]
def mark_post_as_read(session, topic_id, post_count):
url = f"https://{hostUrl}/topics/timings"
timings = {
str(i): 60000
for i in range(1, post_count + 1)
}
payload = {
"topic_id": topic_id,
"topic_time": post_count * 60000,
"timings": timings
}
csrf = get_csrf(session)
r = session.post(
url,
json=payload,
headers={
"X-CSRF-Token": csrf,
"User-Agent": "Mozilla/5.0",
"Content-Type": "application/json"
}
)
print(f"[Read] {topic_id} → {r.status_code}")
if r.status_code != 200:
print(r.text[:300])
def tab_worker(session):
page = 1
while True:
topics = load_topics(session, page)
if not topics:
break
for t in topics:
mark_post_as_read(
session,
t["id"],
t["posts_count"]
)
time.sleep(0.4)
page += 1