Comments (11)
I mean that all methods are checking if the session is expired and renewing it if necessary
Aah, thanks! I'll recheck my implementation – looks like something wrong with tokens on my end.
The problem that I can understand that we must export session every 2 hours because of refreshed tokens
Yeah, you're correct! I guess I can do something like this one:
def post_message(text):
session_string = "..." # content from file
client = Client()
client.login(session_string=session_string)
client.send_post(...)
if client.export_session_string() != previous_session_string:
# export it again
But probably some more elegant way is needed 🤔
from atproto.
There is also an idea to add an option to store the exported session as a file (this file could be always updated when a new token is generated, so you don't have to catch all errors) when Client()
is initialized. Also, looks like some user/password fallback is needed as well.
We can use the exported session for two months before updating it in persistent storage. Isn't it?
You're correct in general, but It is something strange happens there with token with expiration date 2 days ago
and refresh token with expiration in December:
This token raises an error on client.login(session_string=...)
:
atproto.exceptions.BadRequestError: Response(success=False, status_code=400, content=XrpcError(error='ExpiredToken', message='Token has been revoked'), headers=Headers({'date': 'Tue, 19 Sep 2023 19:48:13 GMT', 'content-type': 'application/json; charset=utf-8', 'content-length': '59', 'connection': 'keep-alive', 'x-powered-by': 'Express', 'access-control-allow-origin': '*', 'ratelimit-limit': '3000', 'ratelimit-remaining': '2999', 'ratelimit-reset': '1695153193', 'ratelimit-policy': '3000;w=300', 'vary': 'Accept-Encoding'}))
🤯🤯🤯
from atproto.
I'd assume that something is broken on bsky side with this token – with newly generated tokens everything works fine! I think we're good to use the same exported session for 2 months!
from atproto.
Hi! But SDK cares about refreshing of access token using refresh token for a long time 🧐 was added here #27
The problem that I can understand that we must export session every 2 hours because of refreshed tokens 😢
Or do you want to say that auto-refresh logic was broken in SDK?
from atproto.
I mean that all methods are checking if the session is expired and renewing it if necessary
from atproto.
We definitely should save the session to persistent storage at the end of the script. But we also must catch all errors first to not exit without saving the exported session.
This doesn't fit well with envs, CI/CD secrets, and so on 🥲 sad
from atproto.
We can use the exported session for two months before updating it in persistent storage. Isn't it?
from atproto.
I can add the ability to register callback on token refresh. And the user can implement storing this token in db or file or wherever
from atproto.
I'd assume that something is broken on bsky side with this token – with newly generated tokens everything works fine! I think we're good to use the same exported session for 2 months!
Didn't you changed password or remove app password?
from atproto.
Didn't you changed password or remove app password?
Nope. Furthermore, for a token that was generated yesterday, I'm getting the same "Token has been revoked" error. Password/handle haven't been changed, and I am still able to generate new tokens with the same password.
Token generated at 1695150790, exp=1695157990
Refresh token generated at 1695150790, exp=1702926790 (Dec, 18)
>>> client = Client()
>>> client.login(session_string=sec)
atproto.exceptions.BadRequestError: Response(success=False, status_code=400, content=XrpcError(error='ExpiredToken', message='Token has been revoked'), headers=Headers({'date': 'Wed, 20 Sep 2023 09:07:36 GMT', 'content-type': 'application/json; charset=utf-8', 'content-length': '59', 'connection': 'keep-alive', 'x-powered-by': 'Express', 'access-control-allow-origin': '*', 'ratelimit-limit': '3000', 'ratelimit-remaining': '2998', 'ratelimit-reset': '1695201121', 'ratelimit-policy': '3000;w=300', 'vary': 'Accept-Encoding'}))
...
>>> client._import_session_string(sec)
SessionString(...)
>>> client._should_refresh_session()
True
>>> client._refresh_and_set_session()
atproto.exceptions.BadRequestError: Response(success=False, status_code=400, content=XrpcError(error='ExpiredToken', message='Token has been revoked'), ...)
from atproto.
so... does it mean that when you refresh the session and get a new refresh token, the old one is revoked?
from atproto.
Related Issues (20)
- Uploading an image as a blob to be used as a card image doesn't work ! HOT 1
- Python Version Depency Issue HOT 2
- Would you recommend any specific gunicorn settings for a feed? HOT 1
- AtUri.from_str() returns invalid host for some AT uri's (Fix included) HOT 2
- Implement autogenerated Record Namespaces HOT 1
- Add the ability to submit posts that include labels
- Delete deprecated "subject" argument of .like() and .repost() methods
- Delete deprecated record models called "Main" instead of "Record"
- Auth token handling improvements HOT 10
- Delete deprecated SessionString class
- decode_dag_multi does not decode fully HOT 4
- Misspelling in get_author_feed HOT 3
- Subscribing to feed? HOT 4
- Parsing Alt Text HOT 2
- Add support for event stream HOT 8
- get_blob errors on redirects HOT 2
- High memory usage: from atproto import Client HOT 3
- Failing on authentication HOT 2
- IpldLink model validation fails HOT 8
- delete_post not work HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from atproto.