1 files changed, 13 insertions, 10 deletions

diff --git a/gallery_dl/extractor/gofile.py b/gallery_dl/extractor/gofile.py
index b53ebbe..044dddb 100644
--- a/gallery_dl/extractor/gofile.py
+++ b/gallery_dl/extractor/gofile.py
@@ -6,7 +6,8 @@
 
 from .common import Extractor, Message
 from .. import text, exception
-from ..cache import memcache
+from ..cache import cache, memcache
+import hashlib
 
 
 class GofileFolderExtractor(Extractor):
@@ -66,6 +67,7 @@ class GofileFolderExtractor(Extractor):
 
     def items(self):
         recursive = self.config("recursive")
+        password = self.config("password")
 
         token = self.config("api-token")
         if not token:
@@ -73,12 +75,10 @@ class GofileFolderExtractor(Extractor):
         self.session.cookies.set("accountToken", token, domain=".gofile.io")
         self.api_token = token
 
-        token = self.config("website-token", "12345")
-        if not token:
-            token = self._get_website_token()
-        self.website_token = token
+        self.website_token = (self.config("website-token") or
+                              self._get_website_token())
 
-        folder = self._get_content(self.content_id)
+        folder = self._get_content(self.content_id, password)
         yield Message.Directory, folder
 
         num = 0
@@ -109,17 +109,20 @@ class GofileFolderExtractor(Extractor):
         self.log.debug("Creating temporary account")
         return self._api_request("createAccount")["token"]
 
-    @memcache()
+    @cache(maxage=86400)
     def _get_website_token(self):
         self.log.debug("Fetching website token")
-        page = self.request(self.root + "/contents/files.html").text
-        return text.extract(page, "websiteToken:", ",")[0].strip("\" ")
+        page = self.request(self.root + "/dist/js/alljs.js").text
+        return text.extr(page, 'fetchData.websiteToken = "', '"')
 
-    def _get_content(self, content_id):
+    def _get_content(self, content_id, password=None):
+        if password is not None:
+            password = hashlib.sha256(password.encode()).hexdigest()
         return self._api_request("getContent", {
             "contentId"   : content_id,
             "token"       : self.api_token,
             "websiteToken": self.website_token,
+            "password"    : password,
         })
 
     def _api_request(self, endpoint, params=None):