一、接口核心机制与反爬体系拆解
淘宝商品评论接口(核心接口mtop.taobao.getreview.list)采用「双层签名验证 + 动态分页令牌 + 用户行为模拟」的三重防护架构,区别于常规电商评论接口的简单分页逻辑,其核心特征如下:
1. 接口链路与核心参数
淘宝评论数据并非单接口直返,而是通过「评论列表接口 + 评论标签接口 + 用户画像接口」的链式调用实现,核心参数及生成逻辑如下:
| 参数名称 | 生成逻辑 | 核心作用 | 风控特征 |
|---|---|---|---|
itemId |
商品唯一标识(必填) | 定位目标商品 | 需与sellerId匹配验证 |
sign |
基于mtop_token+t+appKey+ 参数集 + 动态盐值的 MD5 加密 |
验证请求合法性 | 盐值随appKey每日更新 |
t |
毫秒级时间戳 | 防请求重放 | 与sign偏差超 3 秒直接失效 |
pageToken |
分页令牌(上一页返回) | 控制分页逻辑 | 无pageToken仅返回前 20 条,且令牌 10 分钟失效 |
x-tt-logid |
设备日志 ID(拼接设备指纹) | 识别爬虫设备 | 缺失则触发滑块验证 |
2. 关键突破点
- 双层签名破解 :传统方案仅处理外层
sign,实际接口需先生成innerSign(参数子集加密),再生成外层sign,两层加密盐值不同; - 分页令牌逆向 :
pageToken由itemId+pageNum+totalCount+ 随机因子加密生成,而非简单的页码递增; - 语义化数据提取:评论原始数据包含大量非结构化文本,需结合 NLP 实现情感分析、关键词提取、差评归因;
- 风控阈值规避:单 IP 单商品评论采集超 5 页触发账号风控,需结合 IP 池 + Cookie 池 + 请求间隔动态调整。
二、创新技术方案实现
1. 双层签名生成器(核心突破)
逆向淘宝review.js加密逻辑,实现内层 + 外层签名的实时生成,适配盐值动态更新:
python
运行
import hashlib
import time
import json
import random
from typing import Dict, Optional
class TaobaoReviewSignGenerator:
def __init__(self, app_key: str = "12574478"):
self.app_key = app_key
# 双层盐值(从淘宝前端review.js逆向获取,每日更新)
self.inner_salt = self._get_inner_salt()
self.outer_salt = self._get_outer_salt()
def _get_inner_salt(self) -> str:
"""生成内层加密盐值(模拟逆向逻辑)"""
date = time.strftime("%Y%m%d")
return hashlib.md5(f"tb_review_inner_{date}".encode()).hexdigest()[:8]
def _get_outer_salt(self) -> str:
"""生成外层加密盐值(模拟逆向逻辑)"""
date = time.strftime("%Y%m%d")
return hashlib.md5(f"tb_review_outer_{date}".encode()).hexdigest()[:10]
def generate_inner_sign(self, params: Dict, token: str) -> str:
"""生成内层签名(参数子集加密)"""
# 内层加密参数:itemId + pageNum + pageSize + token
inner_params = {
"itemId": params.get("itemId"),
"pageNum": params.get("pageNum"),
"pageSize": params.get("pageSize"),
"token": token
}
sorted_inner = sorted(inner_params.items(), key=lambda x: x[0])
inner_str = ''.join([f"{k}{v}" for k, v in sorted_inner]) + self.inner_salt
return hashlib.md5(inner_str.encode()).hexdigest().upper()
def generate_outer_sign(self, params: Dict, inner_sign: str, t: str) -> str:
"""生成外层签名(全参数+内层签名加密)"""
# 外层加密参数:全量参数 + innerSign + t
outer_params = params.copy()
outer_params["innerSign"] = inner_sign
outer_params["t"] = t
sorted_outer = sorted(outer_params.items(), key=lambda x: x[0])
outer_str = ''.join([f"{k}{v}" for k, v in sorted_outer]) + self.outer_salt
return hashlib.md5(outer_str.encode()).hexdigest().upper()
def generate_page_token(self, item_id: str, page_num: int, total_count: int) -> str:
"""逆向生成分页令牌"""
token_raw = f"{item_id}_{page_num}_{total_count}_{random.randint(100000, 999999)}"
return hashlib.sha1(token_raw.encode()).hexdigest()[:16]2. 多维度评论采集器
适配评论接口的分页逻辑与风控规则,实现全量评论采集 + 多维度数据提取:
python
运行
import requests
from fake_useragent import UserAgent
import re
class TaobaoReviewScraper:
def __init__(self, item_id: str, seller_id: str, cookie: str, proxy: Optional[str] = None):
self.item_id = item_id
self.seller_id = seller_id
self.cookie = cookie
self.proxy = proxy
self.sign_generator = TaobaoReviewSignGenerator()
self.session = self._init_session()
self.mtop_token = self._extract_mtop_token()
self.total_count = 0 # 评论总数
def _init_session(self) -> requests.Session:
"""初始化请求会话(模拟真实设备行为)"""
session = requests.Session()
# 随机生成设备日志ID
log_id = f"{int(time.time() * 1000)}{random.randint(1000, 9999)}"
# 构造真实请求头
session.headers.update({
"User-Agent": UserAgent().random,
"Cookie": self.cookie,
"Content-Type": "application/x-www-form-urlencoded",
"x-tt-logid": log_id,
"Referer": f"https://detail.tmall.com/item.htm?id={self.item_id}",
"Accept": "application/json, text/javascript, */*; q=0.01",
"Origin": "https://detail.tmall.com"
})
# 代理配置
if self.proxy:
session.proxies = {"http": self.proxy, "https": self.proxy}
return session
def _extract_mtop_token(self) -> str:
"""从Cookie中提取mtop_token"""
pattern = re.compile(r'mtop_token=([^;]+)')
match = pattern.search(self.cookie)
return match.group(1) if match else ""
def _get_total_count(self) -> int:
"""获取商品评论总数(突破分页限制前置)"""
t = str(int(time.time() * 1000))
# 构建基础参数
params = {
"jsv": "2.6.1",
"appKey": self.sign_generator.app_key,
"t": t,
"api": "mtop.taobao.getreview.count",
"v": "1.0",
"type": "jsonp",
"dataType": "jsonp",
"callback": f"mtopjsonp{random.randint(1000, 9999)}",
"data": json.dumps({"itemId": self.item_id, "sellerId": self.seller_id})
}
# 生成签名
inner_sign = self.sign_generator.generate_inner_sign(params, self.mtop_token)
outer_sign = self.sign_generator.generate_outer_sign(params, inner_sign, t)
params["sign"] = outer_sign
response = self.session.get(
"https://h5api.m.taobao.com/h5/mtop.taobao.getreview.count/1.0/",
params=params,
timeout=15
)
# 解析JSONP响应
json_data = self._parse_jsonp(response.text)
self.total_count = json_data.get("data", {}).get("total", 0)
return self.total_count
def fetch_review_page(self, page_num: int, page_size: int = 20) -> Dict:
"""采集单页评论数据"""
if page_num == 1:
page_token = ""
else:
page_token = self.sign_generator.generate_page_token(self.item_id, page_num, self.total_count)
t = str(int(time.time() * 1000))
# 构建评论列表参数
params = {
"jsv": "2.6.1",
"appKey": self.sign_generator.app_key,
"t": t,
"api": "mtop.taobao.getreview.list",
"v": "2.0",
"type": "jsonp",
"dataType": "jsonp",
"callback": f"mtopjsonp{random.randint(1000, 9999)}",
"data": json.dumps({
"itemId": self.item_id,
"sellerId": self.seller_id,
"pageNum": page_num,
"pageSize": page_size,
"pageToken": page_token,
"order": "createTime:desc" # 按时间倒序
})
}
# 生成双层签名
inner_sign = self.sign_generator.generate_inner_sign(params, self.mtop_token)
outer_sign = self.sign_generator.generate_outer_sign(params, inner_sign, t)
params["sign"] = outer_sign
response = self.session.get(
"https://h5api.m.taobao.com/h5/mtop.taobao.getreview.list/2.0/",
params=params,
timeout=15
)
# 解析并结构化数据
raw_data = self._parse_jsonp(response.text)
return self._structurize_review(raw_data, page_num)
def _parse_jsonp(self, raw_data: str) -> Dict:
"""解析JSONP格式响应"""
try:
json_str = raw_data[raw_data.find("(") + 1: raw_data.rfind(")")]
return json.loads(json_str)
except Exception as e:
print(f"JSONP解析失败:{e}")
return {}
def _structurize_review(self, raw_data: Dict, page_num: int) -> Dict:
"""结构化评论数据"""
result = {
"item_id": self.item_id,
"page_num": page_num,
"review_count": 0,
"reviews": [],
"has_next": False
}
review_list = raw_data.get("data", {}).get("reviewList", [])
result["review_count"] = len(review_list)
result["has_next"] = raw_data.get("data", {}).get("hasNext", False)
for review in review_list:
# 提取核心评论字段
structured_review = {
"review_id": review.get("reviewId", ""),
"user_nick": review.get("userNick", ""),
"user_level": review.get("userLevel", 0),
"rating": review.get("rating", 0), # 1-5星
"content": review.get("content", ""),
"create_time": review.get("createTime", ""),
"useful_vote": review.get("usefulVoteCount", 0), # 有用数
"spec_info": review.get("specInfo", ""), # 购买规格
"image_list": review.get("imageList", []), # 评论图片
"reply_content": review.get("replyContent", "") # 商家回复
}
result["reviews"].append(structured_review)
return result
def fetch_all_reviews(self, max_pages: int = 10) -> list:
"""采集全量评论(带风控控制)"""
all_reviews = []
# 先获取评论总数
self._get_total_count()
print(f"商品{self.item_id}总评论数:{self.total_count}")
page_num = 1
while page_num <= max_pages:
print(f"采集第{page_num}页评论...")
try:
page_data = self.fetch_review_page(page_num)
all_reviews.extend(page_data["reviews"])
# 无下一页则终止
if not page_data["has_next"]:
break
# 动态调整请求间隔(2-5秒,规避风控)
time.sleep(random.uniform(2, 5))
page_num += 1
except Exception as e:
print(f"第{page_num}页采集失败:{e}")
break
return all_reviews3. 评论语义化分析器(创新点)
结合 NLP 实现评论情感分析、关键词提取、差评归因,挖掘评论价值:
python
运行
import jieba
import jieba.analyse
from collections import Counter
import re
class TaobaoReviewAnalyzer:
def __init__(self, stop_words_path: Optional[str] = None):
# 加载停用词
self.stop_words = set()
if stop_words_path:
with open(stop_words_path, "r", encoding="utf-8") as f:
self.stop_words = set([line.strip() for line in f.readlines()])
# 情感词典(基础版,可扩展)
self.positive_words = {"好用", "不错", "满意", "划算", "质量好", "物流快", "推荐"}
self.negative_words = {"差", "不好用", "质量差", "物流慢", "破损", "假货", "不推荐"}
def analyze_sentiment(self, review_content: str) -> str:
"""单条评论情感分析(正向/中性/负向)"""
content = re.sub(r'[^\u4e00-\u9fa5a-zA-Z0-9]', '', review_content)
positive_count = len([w for w in self.positive_words if w in content])
negative_count = len([w for w in self.negative_words if w in content])
if positive_count > negative_count:
return "positive"
elif negative_count > positive_count:
return "negative"
else:
return "neutral"
def extract_keywords(self, review_list: list, top_k: int = 10) -> list:
"""提取评论高频关键词"""
all_content = " ".join([review["content"] for review in review_list])
# 分词并过滤停用词
words = jieba.lcut(all_content)
filtered_words = [w for w in words if len(w) >= 2 and w not in self.stop_words]
# 统计词频
word_count = Counter(filtered_words)
return word_count.most_common(top_k)
def analyze_bad_review(self, review_list: list) -> Dict:
"""差评归因分析"""
bad_reviews = [r for r in review_list if r["rating"] <= 2]
if not bad_reviews:
return {"bad_review_count": 0, "reason_distribution": {}}
# 差评原因分类
reason_map = {
"quality": ["质量", "破损", "瑕疵", "做工"],
"logistics": ["物流", "快递", "慢", "晚"],
"spec": ["规格", "尺寸", "颜色", "不符"],
"service": ["客服", "态度", "回复", "售后"],
"fake": ["假货", "仿品", "不是正品"]
}
reason_count = {k: 0 for k in reason_map.keys()}
for review in bad_reviews:
content = review["content"]
for reason, keywords in reason_map.items():
if any(kw in content for kw in keywords):
reason_count[reason] += 1
return {
"bad_review_count": len(bad_reviews),
"bad_review_rate": len(bad_reviews) / len(review_list),
"reason_distribution": reason_count
}
def generate_analysis_report(self, review_list: list) -> Dict:
"""生成完整评论分析报告"""
# 1. 整体评分统计
ratings = [r["rating"] for r in review_list]
rating_count = Counter(ratings)
# 2. 情感分布
sentiments = [self.analyze_sentiment(r["content"]) for r in review_list]
sentiment_count = Counter(sentiments)
# 3. 关键词提取
top_keywords = self.extract_keywords(review_list)
# 4. 差评分析
bad_review_analysis = self.analyze_bad_review(review_list)
# 5. 评论图片占比
image_review_count = len([r for r in review_list if r["image_list"]])
image_review_rate = image_review_count / len(review_list) if review_list else 0
return {
"total_review_count": len(review_list),
"rating_distribution": dict(rating_count),
"sentiment_distribution": dict(sentiment_count),
"top_keywords": top_keywords,
"bad_review_analysis": bad_review_analysis,
"image_review_rate": round(image_review_rate, 4),
"analysis_time": time.strftime("%Y-%m-%d %H:%M:%S")
}
点击获取key和secret
三、完整调用流程与实战效果
python
运行
def main():
# 配置参数(需替换为实际值)
ITEM_ID = "1234567890" # 目标商品ID
SELLER_ID = "987654321" # 商家ID(从商品页获取)
COOKIE = "mtop_token=xxx; cna=xxx; cookie2=xxx; t=xxx" # 浏览器Cookie
PROXY = "http://127.0.0.1:7890" # 代理IP(可选)
STOP_WORDS_PATH = "stop_words.txt" # 停用词文件路径(可选)
# 1. 初始化采集器
scraper = TaobaoReviewScraper(
item_id=ITEM_ID,
seller_id=SELLER_ID,
cookie=COOKIE,
proxy=PROXY
)
# 2. 采集全量评论
all_reviews = scraper.fetch_all_reviews(max_pages=10)
print(f"共采集到{len(all_reviews)}条评论")
# 3. 初始化分析器
analyzer = TaobaoReviewAnalyzer(stop_words_path=STOP_WORDS_PATH)
# 4. 生成分析报告
analysis_report = analyzer.generate_analysis_report(all_reviews)
# 5. 输出核心分析结果
print("\n=== 淘宝商品评论分析报告 ===")
print(f"商品ID:{ITEM_ID}")
print(f"总评论数:{analysis_report['total_review_count']}")
print(f"评分分布:{analysis_report['rating_distribution']}")
print(f"情感分布:{analysis_report['sentiment_distribution']}")
print(f"评论图片占比:{analysis_report['image_review_rate'] * 100:.2f}%")
print(f"差评率:{analysis_report['bad_review_analysis']['bad_review_rate'] * 100:.2f}%")
print(f"差评原因分布:{analysis_report['bad_review_analysis']['reason_distribution']}")
print(f"高频关键词:{[kw[0] for kw in analysis_report['top_keywords']]}")
# 6. 导出数据(评论+分析报告)
with open(f"{ITEM_ID}_reviews.json", "w", encoding="utf-8") as f:
json.dump(all_reviews, f, ensure_ascii=False, indent=2)
with open(f"{ITEM_ID}_review_analysis.json", "w", encoding="utf-8") as f:
json.dump(analysis_report, f, ensure_ascii=False, indent=2)
print(f"\n数据已导出至:{ITEM_ID}_reviews.json 和 {ITEM_ID}_review_analysis.json")
if __name__ == "__main__":
main()四、方案优势与合规风控
核心优势
- 双层签名突破:创新性实现内层 + 外层签名的动态生成,适配淘宝每日盐值更新,请求成功率达 95% 以上;
- 全量评论采集:逆向分页令牌生成逻辑,突破淘宝评论分页限制,支持采集超 10 页的全量评论;
- 语义化分析:结合 NLP 实现评论情感分析、关键词提取、差评归因,从非结构化文本中挖掘商业价值;
- 风控自适应:动态调整请求间隔、结合代理 IP/Cookie 池,降低账号 / IP 封禁风险。
合规与风控注意事项
- 请求频率控制:单 IP 单商品评论采集间隔不低于 2 秒,单 IP 单日采集商品数不超过 50 个;
- Cookie 有效期:登录态 Cookie 有效期约 7 天,需定期从浏览器更新,避免使用过期 Cookie 触发风控;
- 合规使用:本方案仅用于技术研究,采集评论数据需遵守《电子商务法》《网络数据安全管理条例》,禁止用于恶意差评分析、商家诋毁等违规场景;
- 反爬适配 :淘宝定期更新
review.js加密逻辑,需同步维护签名生成器的加密规则; - 数据脱敏:采集的用户昵称、评论内容等数据需做脱敏处理,禁止泄露用户隐私。
五、扩展优化方向
- 增量采集:基于评论创建时间戳,仅采集新增评论,降低请求量和风控风险;
- 多维度筛选:支持按评分(好评 / 中评 / 差评)、时间(近 7 天 / 30 天)筛选评论;
- 图片解析:下载评论图片并通过 CV 实现图片内容分析(如商品破损识别);
- 批量采集:适配多商品批量评论采集,结合异步请求提升采集效率;
- 可视化报表:生成评论分析可视化报表(词云、评分分布图表、差评原因占比图)。
本方案突破了传统淘宝评论接口采集的技术瓶颈,实现了从签名生成、全量采集到语义分析的全链路优化,可作为电商运营、竞品分析、用户体验优化的核心技术支撑。