2FA always being asked for

[MirelesI]

When I first started using this, I only had to enter code the first time as the readme states, now it is being asked every time I run this. Was wondering if you could look into this!

[usman10scorpio]

I asked for 2FA. But I could not get the code. Is there any problem on my implementation side ?

[edex96]

Yeah this is a problem because automation is the reason why we are here right. If I can find a way around this I'll share here.

[Reiszecke]

Does this apply to everyone? Experiencing the same. Maybe Apple changed how the cookies are handled?

https://github.com/JanHalozan/iTunesConnectAnalytics/pull/24 mentions that he took stuff from fastlane.

@Francescu in case you still have interest in using this - could you look at this for a second? Or maybe give us a hint where you looked for things in the fastlane repo back then?

[Reiszecke]

It seems like the lib supports cookies, but it doesn't write them out of the box. The successCallback carries them over but that's not used in the examples.

What you should do is print d in the successCallback or what I did before I found out was the following:

In analytics.js, add

console.log(JSON.stringify(cookie)) to somewhere around line 150. Run through the process, copy the cookie from terminal.

Go back to your index.js and edit so it's like

              ...ame, password, {

  cookies: cookieString,

  errorCallback:...

Voila, no more TFA because you pass the session's cookie :)

You should probably handle this via writing JSON from the successCallback to a file or using some .localStorage node replacement, check for a valid file and if a file is present, pass the cookies but if you just want to get something going real quick then that's your answer :)

[Reiszecke]

The cookie passed to the successCallback only seems to be valid for a few hours at most. analytics.js seems to cut down on this a lot, I will try what happens when simply pasting all cookies.

[Reiszecke]

I have now attempted to do the "full" cookies object instead of only doing myacinfo.

Will see whether that helped tomorrow.

Additionally I found some reading material

https://github.com/fastlane/fastlane/issues/14301 love the DES5 cookie (was not part of myacinfo)

https://github.com/fastlane/fastlane/pull/7600 is also an interesting thing to keep in mind.

Will also try to set up a cron job to ping every 10 minutes should that keep the session alive

[Reiszecke]

Neither using the complete set of cookies, nor pinging every 10 minutes works. The ping worked for a few hours and returned results but after like 4-6 hours it broke down again.

Will check if the cookie gets updated somewhere

[Reiszecke]

Hopefully the last update: https://github.com/andrewstoliarov/iTunesConnectAnalytics seems to work very stable.

Andrew did not document the usage so here a small quick start for everyone:

var cookies = {} 

function readCookies() {
    try {
        data = fs.readFileSync(cookiePath, { encoding: 'utf8', flag: 'r' });
        cookies = JSON.parse(data)
    } catch (e) {
        console.log("no local cookie file yet: ", e)
    }
}

readCookies()

function writeCookies(cookies) {
    let dataJSON = JSON.stringify(cookies)
    fs.writeFileSync(cookiePath, dataJSON);
}

async function makeASCRequest(type) {

    console.log("using cookies:", cookies)

    var instance = new Itunes(
        { cookies: cookies } //maybe comment this out for first launch or if you want to start from scratch
    );

    console.log("created instance")

    instance.options.successAuthCookies = function (headers) {
        console.log('Got cookie: ' + JSON.stringify(headers));
        writeCookies(headers)
    }

    instance.options.twoFAHandler = function (successCallback) {
        console.log("getting 2FA prompt")
        const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
        rl.question('Enter the 2FA code: ', (answer) => {
            successCallback(answer)
        });
    }

    console.log("logging in")

    await instance.login(USERNAME, PASSWORD);

    //do whatever you usually do
}

Will ping Andrew to set up as new repo

[Reiszecke]

@andrewstoliarov do you mind de-forking since this repo here appears to be abandoned?

[andrewstoliarov]

@Reiszecke Oh sure.

[ShivamJoker]

Guys If I put this in a automated CI environment, is there any way to get away without entering 2FA code every few days/weeks?