Feature Request: 2FA support for headless mode #617
Comments
|
Makes sense, please make a PR to implement. |
|
Already on it 👍 |
feat: sends a notification if OTP input is required feat: tries to set the "Do not ask for OTP on this device" flag This closes Hari-Nagarajan#617
feat: sends a notification if OTP input is required feat: tries to set the "Do not ask for OTP on this device" flag This closes Hari-Nagarajan#617
feat: sends a notification if OTP input is required feat: tries to set the "Do not ask for OTP on this device" flag This closes Hari-Nagarajan#617
|
It should also be possible to implement a built-in TOTP generator where the user can save their TOTP secret in the credential file and it handled automatically. There are plenty of python TOTP generators that could handle this. |
|
Have fun explaining the user how to get the QR code encoded data into fairgame. While of course this is possible, I'd vote against this. Users already struggle to understand what the |
|
Unless I am missing something there is a "Can't scan the barcode?" link at the bottom of every TOTP QR that I've had to use, including Amazon's. They can just add a new authenticator app and copy the secret out of that. I ran into an issue today where I fairgame was logged in, eventually got a hit, successfully added it to cart, but Amazon decided to prompt for OTP. Adding built-in 2FA support would be the only way to get around this if it starts increasing in frequency. |
|
@digitalentropy please submit a PR for it. Thanks. |
99,99% of the users have TOTP setup, aka the QR code is no longer displayed. Correct me if I'm wrong, but the most famous apps such as Google Authenticator, Microsoft Authenticator nor Authy allows the re-display of the QR code or secret. |
I've confirmed that Amazon allows the user to add multiple authenticator apps, so one could simply add a new one for fairgame. Unfortunately I don't have time at the moment to write the code for it. I was simply providing feedback that I felt was practical and useful. That said, if someone who does have the time has an interest in doing so, I think it's a very worthwhile idea. |
|
Is this still not being implemented? 😥 |
|
It's in PR #636. You can load that if you need it. |
|
@DakkJaniels thanks, but I am not quite sure I understood properly. 😅 Do I have to add/edit anything in my (Docker running) fairgame or do I have to downgrade it to a specific release? |
Currently fairgame does not work correctly when running on a 2FA protected account in headless mode as it expects the user to enter the OTP code in the browser windows itself.
Ideally, fairgame would prompt the user for the OTP from the Python CLI and then pass the value via chromedriver onto the page. This should basically be something like
otp_field.send_keys(otp_input + Keys.RETURN)(pseudo code)The text was updated successfully, but these errors were encountered: