[BUG] Can't login | Cloudflare protection

[lambor590]

Describe the bug I'm not able to login.

To Reproduce Steps to reproduce the behavior:

1. Use the library as normal, with email/password or session token.
2. If you are using email/password you'll get an API Error at start
3. If you are using a session token you'll get an Exception: Wrong response code at start

Expected behavior Be able to access the website as normal.

Output Using session token:

Traceback (most recent call last):
  File "/home/container/main.py", line 1, in <module>
    from src import bot
  File "/home/container/src/bot.py", line 3, in <module>
    from src import responses
  File "/home/container/src/responses.py", line 36, in <module>
    chatbot = Chatbot(config, conversation_id=None)
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 95, in __init__
    self.refresh_session()
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 296, in refresh_session
    raise Exception("Wrong response code")
Exception: Wrong response code

Using email/password:

Traceback (most recent call last):
  File "/home/container/main.py", line 1, in <module>
    from src import bot
  File "/home/container/src/bot.py", line 3, in <module>
    from src import responses
  File "/home/container/src/responses.py", line 36, in <module>
    chatbot = Chatbot(config, conversation_id=None)
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 95, in __init__
    self.refresh_session()
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 340, in refresh_session
    raise exc
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 337, in refresh_session
    self.login(self.config["email"], self.config["password"])
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 373, in login
    raise exc
  File "/home/container/.local/lib/python3.10/site-packages/revChatGPT/revChatGPT.py", line 366, in login
    auth.begin()
  File "/home/container/.local/lib/python3.10/site-packages/OpenAIAuth/OpenAIAuth.py", line 95, in begin
    raise Exception("API error")
Exception: API error

Environment (please complete the following information):

Please update your packages before reporting! pip3 install --upgrade OpenAIAuth revChatGPT

• OS: Linux
• Python version: 3.10.8
• ChatGPT Version: 0.0.38.6
• OpenAI Version: 0.0.6

Additional context I saw that they applied Cloudflare on the website, and there are more cookies than before: If I delete the cookie cf_clearance, the next time I reload the website I will get the Cloudflare is verifying your connection page, otherwise, it will not show.

[michelleyin96]

I'm also seeing the same error - getting a 403 back

[TheMihirNaik]

I am seeing the same error as well.

[coldhotstart]

It will be difficult to bypass this, TBH.

[MohamedAliRashad]

same here

[Soul-AI-LLM]

I'm also seeing the same error - getting a 403 back

Same issue here.

[birdup000]

same here

[Lukium]

Probably not super helpful but same here

[CarlZielinski]

Seeing the same issue. Is this something that could be bypassed using FlareSolverr?

[acheong08]

I am working on this

[acheong08]

This is the response:

<html lang="en-US">
<head>
    <title>Just a moment...</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=Edge">
    <meta name="robots" content="noindex,nofollow">
    <meta name="viewport" content="width=device-width,initial-scale=1">
    <link href="/cdn-cgi/styles/challenges.css" rel="stylesheet">

</head>
<body class="no-js">
    <div class="main-wrapper" role="main">
    <div class="main-content">
        <h1 class="zone-name-title h1">
            <img class="heading-favicon" src="/favicon.ico"
                 onerror="this.onerror=null;this.parentNode.removeChild(this)">
            chat.openai.com
        </h1>
        <h2 class="h2" id="challenge-running">
            Checking if the site connection is secure
        </h2>
        <noscript>
            <div id="challenge-error-title">
                <div class="h2">
                    <span class="icon-wrapper">
                        <div class="heading-icon warning-icon"></div>
                    </span>
                    <span id="challenge-error-text">
                        Enable JavaScript and cookies to continue
                    </span>
                </div>
            </div>
        </noscript>
        <div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=77823f748f39c5a0')"></div>
        <div id="challenge-body-text" class="core-msg spacer">
            chat.openai.com needs to review the security of your connection before proceeding.
        </div>
        <form id="challenge-form" action="/auth/login?__cf_chl_f_tk=YcrSC6GxLdFJV3nDQnB94iOY874kZRHn7xo.qxkz0ik-1670803940-0-gaNycGzNB2U" method="POST" enctype="application/x-www-form-urlencoded">
            <input type="hidden" name="md" value="neq8DhZscgOk9ZqTwAD01JFh9zb97x2wAxRY.AXXQZA-1670803940-0-ARsRYvxWGameB3Ago3KgmFO6sj1qc8uTru2TF6WetlBz22SNZXPxN1ww_9-tpkuzLjKUrYnZYELy7IK3lVMZVfyOoXUJdGnpR6bSjqPQXhpDdDzASo-ZuLx13VmjwGmi0DnoM2OOHEO3Mysl-ARX3TMqPF2T4PldmUCtKnFSmH-UeG2x7SKDp7dvaj9Bpuc-8s-HgVdVb7ARu1yiRtszSgxrPXPpbJNK34cqlNt1YMzvBeEjwN9kZxELK3mFkxbkvs_n6JTBvfF_iNrzVxdZUh4o5OCTkPdfwnaVZNvnU2LEIOd6QCZW-9ceUXUItt5OiKdzWhiiLiCPcLBqcQFiMgdEmCKypO7iulABlDraCARgkMz0p9zEDA99R3Ayh-aGESQUfjaarRHh6iFDbumoPxiguHWP0P21GYRFdYpzktFoasucmtjHfDBk7yW1LedHmYqyPlT4oC5c4BXcBxYZMDB8yxcNtM8QKWvPbg1BIJEUx_osPPyWTobkrJ7iFHEGsWL45MQpL7eMzx_wAqqp_2FdZwPKHkGjmCOpx6A3bngYRcHimCQjZNMqeje1iMitQjgI1-wTUM9RyvSOh53C5kD02s6qZ9PBmdicNCRTE5keLHLUd7pieJFQDIF4SjMmzZCiZ0d0Zv9JXYBa4XxzV7o6O5RBW76hTB8v06wIHKt8">
            <input type="hidden" name="r" value="laVUElSO5KeLxtGkMbmU9a0FovPXUSlj31DGVyIuyaQ-1670803940-0-ATfFVBI+BOaFI/Ffafce1gGw6/iFihZtBzGL0De0J/BJDGcgg/dwEeDrI+lj6K+o+f71yiSrzi3pMywHzZUYgf8qCNMukyBGpR1+0YScaKeNWL3AnYyLrMBsdu3f85xXk8l6PWxnzc9N3w9wXu4AEb72DvfL1Igb4Dh8gkMVhmzGieIc8QwOXuoj///8J9/75wWB9ZR8HVG9uTzXl9Vf83D46inSGvNJ5IeqhMdGmEdLxSxqV82jUSDwhDqXsb1EN8Pj7/i8+YUXyc+hLv/QUprI1k0DL96ya9wNkq+4uV/Ltv+me4qsMBWfGLB1o8ipo5V3c132c5LXGkAkpoLmdLfHqiWAv/H86ZWmqFWnVk2HvWJ24XS5rSd8KY4+ws9QuvMjVfxJIh0zW2tzKqNSPQ2Owm4eSXyAAEm/+069emDgZkSQ4muWSPdjBNQD3urE5M+ibrMWWmcRCkCcsKdkZWpAovJi31tjwNLvUn1xgJVNgMhlW2a2Fk2f5bG7xnl+XCaoUfNHGo4rR4R9awk6aCNP1hHsuRz4V7VuQ2VoVJkZMTd2kk+GN5qilySaJseDuBplxjThTtU7FU/R//6xSh7Hq82qpqRbHXxlDrP+AsHe4Qco27PCSfjAUUPQnxQTUG0Zll0Q7EgrrC+nT5rwm5ZtDBUWiXmUzrSzSis74/9UHsZfr13bR/LeMiJyMYjFoG/ht7zMfus4b0Uk5xGv+acWuLtLHht4WJZXTNnmpInVXTQkIbd/agdvU80BiKPuzsUOUzDE/lWv55igktsBf4XLcqZWiN1HI42b9HXT4qDYsouEj5emjA9LXomQ2ANbyIOT+G2vIfgb17qI5zTlLYjWg5XFrVtlffrReja/lTbGDy85q6hkU0OmoGWYRUlteAjdm5E9hytgmc9bGlDtC98M27kd4LS7YT4NiKqiH5DlS6CR6Hxaf4zDleQYtkiH3nLH38GN3mSiDE+1gqwKarXvAh9rdh4RR6M+vgS2x+tKXf1oir7+MIIVVyZ0k4kYfUU8F2d1n2ZrQt2folMHWNogI6ASlxesw1jn5oD8wBeYDociqAq+EFBbtOQjATizf+4Lb1FAknK2KVXQ+TTg0vgcIcs4xXmJZXX+mg8Dnd/Z/umHrAdar66Dyo1EzvxxrpyZpSKjmQBE/mY8tyZmKYOrAEmnL7FVIsTZk4pmEN8DUkYp/EOzsfTJwy7+kPGE2of7rzR/Psxi5bOJ0lpoYc65SeW76u0I84w9ZL6pcK1MtHeV9Jtc3ir5sw8PWfq6TYWUpqZCKFR0e1aC7XLCoxrIXvYJR8ZL45BTDPTReMxQN8fdMlRE8PGVRUDIym6kJcnvNi+Fe+0M5VGFCcNJbYdQr+Asen7RtvHMzxk3FTQwtrNGk2lV74A+r3EUcO2ZCTUVNALZR+U4mn2OD46k+DKUo3YpGcEWQpJR8wSY1Xj61BRmbUOkAJxk/4Vh2xbBGg8qETP4fV32emX6F9v0dStIOC31GsFTVUmx+1vkUm5XOn9ySy4tZ/UAYT4UFAvY/9u0wlvgvPsbk6Nn7lBi97UH6sjsNtQErJ/Dr9nYzEgXkcZ5/zTUVrH[370](https://github.com/acheong08/ChatGPT/actions/runs/3671477743/jobs/6206722710#step:6:371)57Jsqw4JfxOQSCrKMUdIRvMrUpuU9RL7/iIL9Ueq5biuqN6scDRyfpkHiiYKo5jBLO7qMNtZ0LraijOdccc6StyzlT5njjAxIKeDeuN9p8ni1MvTvcCe8kVGk/oB71IThCeaqNaKLCV8rMuEMqldEEujykA3KREeZVA+AOp2A5o5nkuTTfMluaFzu34TspGeIKeCKi5DxNo2Gu2xxlAgtlyECZLR7iV8c9uij64tSui6iFL6Mu">
        </form>
    </div>
</div>
<script>
    (function(){
        window._cf_chl_opt={
            cvId: '2',
            cType: 'managed',
            cNounce: '44898',
            cRay: '77823f748f39c5a0',
            cHash: '8065dd636c78e94',
            cUPMDTk: "\/auth\/login?__cf_chl_tk=YcrSC6GxLdFJV3nDQnB94iOY874kZRHn7xo.qxkz0ik-1670803940-0-gaNycGzNB2U",
            cFPWv: 'b',
            cTTimeMs: '1000',
            cTplV: 4,
            cTplB: 'cf',
            cRq: {
                ru: 'aHR0cHM6Ly9jaGF0Lm9wZW5haS5jb20vY2hhdC9mcm9udGVuZC8vYXV0aC9sb2dpbg==',
                ra: 'TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTVfNykgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzE2LjEgU2FmYXJpLzYwNS4xLjE1',
                rm: 'R0VU',
                d: 'dsUV9dwI9ro5QyqrDDJx/y8V40XDndYGV9bLeu9FXdka0oXjwlIjPJeTAb62GWVUaZBIb8zuMXsl2aQUl9nim/RvwcAjF2GRfcbjTblZQk+kdCNJ9LVXCaxT7P0UK7t4wD1CXQTKPkUIuNpAjkQcVYovpTbJeRCLx/2SgDEUE/jKwD5ywFgMv2XMEh6L+Jty5ZZoGQ+vKXwtq2IgXmnyfq95ZyDWzApjUD9lvrXqwA+SUtgBJ8NmE/CwmblMW8bsFHEN0L78Sl9IBkxjlHqgHUFlOxbKwI+4slnjZ7poRcwfBFQ0WRVG+sLUVxNphh6s9pZBD3UWEyj5wuSu86UX6CXQKjtsl6fVFAyF25a/HQINNZppzxCyk2pje06P1fD66wfE5mlKT72aWbAvkfzCOn/X41k6/yNio5YxxI3bCnGnM0aYgwY/4x8R8SDRZRQt8JmnPSZO+O1Zr24PzPkBfvCyYvHnNiA21KtTnATDdx8zi4WRnkz5HoF2x9RwVUj6Q0/xC3V31lzkgdTw3lW+daORJDtsl1W3QLV8JSmnEfg9ZQ7ai5ofIHPyA19jcMsy9rQ64bTpn31Y7tIno2kCn5S9ER8EJr64kL4XEKEbQUCDv+P5ImupUQBNyAaceO9e',
                t: 'MTY3MDgwMzk0MC41NzQwMDA=',
                m: '7Lx9YJ/uJ/1Rg0ZT5arYdwR4kn/s/tT0mBDT+sn5T4Y=',
                i1: 'MUxuc2VFZXTkaQ6kBzJ0Lw==',
                i2: 'pU5AjHJ1/ZnqMxuNQUy35g==',
                zh: 'iuyN59AGNgeBFFEOPj72EN+xtBfXXvoCyd1dJnIVFAc=',
                uh: 'cm2wjUr6M+ZSWJGGpQRwl8TWzcHP0274MxfQYzAQXGE=',
                hh: 'foaWmAUHGGlVCZaNUJIHhxzxFNzSPNnVe6rJjiQw728=',
            }
        };
        var trkjs = document.createElement('img');
        trkjs.setAttribute('src', '/cdn-cgi/images/trace/managed/js/transparent.gif?ray=77823f748f39c5a0');
        trkjs.setAttribute('style', 'display: none');
        document.body.appendChild(trkjs);
        var cpo = document.createElement('script');
        cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=77823f748f39c5a0';
        window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
        window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
        if (window.history && window.history.replaceState) {
            var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
            history.replaceState(null, null, "\/auth\/login?__cf_chl_rt_tk=YcrSC6GxLdFJV3nDQnB94iOY874kZRHn7xo.qxkz0ik-1670803940-0-gaNycGzNB2U" + window._cf_chl_opt.cOgUHash);
            cpo.onload = function() {
                history.replaceState(null, null, ogU);
            };
        }
        document.getElementsByTagName('head')[0].appendChild(cpo);
    }());
</script>

    <div class="footer" role="contentinfo">
        <div class="footer-inner">
            <div class="clearfix diagnostic-wrapper">
                <div class="ray-id">Ray ID: <code>77823f748f39c5a0</code></div>
            </div>
            <div class="text-center">Performance &amp; security by <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=m" target="_blank">Cloudflare</a></div>
        </div>
    </div>
</body>
</html>

I will check if there is a way to solve it

[nick-haoran]

same error

[jabontz09]

does this have to do with chatGPT using cloudflare now?

[acheong08]

does this have to do with chatGPT using cloudflare now?

see title. yes

[coldhotstart]

Looks like the underlying openAI auth is not working

with sync_playwright() as p:
            browser = p.chromium.launch(headless=False)
            page = browser.new_page()
            sync_stealth(page, pure=True)
            page.goto('https://chat.openai.com/auth/login')
            res = sync_cf_retry(page)
            if res:
                cookies = page.context.cookies()
                for cookie in cookies:
                    if cookie.get('name') == 'cf_clearance':
                        cf_clearance_value = cookie.get('value')
                        print(cf_clearance_value)
                ua = page.evaluate('() => {return navigator.userAgent}')
                print(ua)
            else:
                print("cf challenge fail")
            browser.close()

try to bypass it, but have some other issues too.

[nick-haoran]

Looks like the underlying openAI auth is not working

with sync_playwright() as p:
            browser = p.chromium.launch(headless=False)
            page = browser.new_page()
            sync_stealth(page, pure=True)
            page.goto('https://chat.openai.com/auth/login')
            res = sync_cf_retry(page)
            if res:
                cookies = page.context.cookies()
                for cookie in cookies:
                    if cookie.get('name') == 'cf_clearance':
                        cf_clearance_value = cookie.get('value')
                        print(cf_clearance_value)
                ua = page.evaluate('() => {return navigator.userAgent}')
                print(ua)
            else:
                print("cf challenge fail")
            browser.close()

try to bypass it, but have some other issues too.

it was broken by cloudflare.......

[acheong08]

I am fixing. please wait

[coldhotstart]

Looks like the underlying openAI auth is not working

with sync_playwright() as p:
            browser = p.chromium.launch(headless=False)
            page = browser.new_page()
            sync_stealth(page, pure=True)
            page.goto('https://chat.openai.com/auth/login')
            res = sync_cf_retry(page)
            if res:
                cookies = page.context.cookies()
                for cookie in cookies:
                    if cookie.get('name') == 'cf_clearance':
                        cf_clearance_value = cookie.get('value')
                        print(cf_clearance_value)
                ua = page.evaluate('() => {return navigator.userAgent}')
                print(ua)
            else:
                print("cf challenge fail")
            browser.close()

try to bypass it, but have some other issues too.

it was broken by cloudflare.......

It doesn't matter, you can always launch a browser and then simulate the traffic to the openAI, there is no way to block it.

[acheong08]

The point here is to use their API. A browser is too heavy

[nick-haoran]

The point here is to use their API. A browser is too heavy

As you think, selenium is disgusting to use

[Cubicpath]

For reference, the cf_clearance cookie is tied to a combination of your IP address and User Agent, and is currently valid for 2 hours.

[msnyder5]

You could maybe try using cloudscraper. I'm not sure if it works atm https://pypi.org/project/cloudscraper/

[BooBooKittyFck]

@msnyder5

I tried already - and it wants you to use the anticaptcha services - actually i don't have a account to test it.

[transitive-bullshit]

cf_clearance will be required going forwards. The open questions are:

1. How to reliably renew your accessToken if you have a valid clearance token
2. How to reliably renew a clearanceToken

Sharing some of my WIP attempts at resolving the issue:

https://github.com/transitive-bullshit/chatgpt-api/pull/99 - attempting to more closely match the official HTTP requests https://github.com/transitive-bullshit/chatgpt-twitter-bot/pull/5 - added attempts at using puppeteer and playwright

[alexandreteles]

You could maybe try using cloudscraper. I'm not sure if it works atm https://pypi.org/project/cloudscraper/

I tried already - and it wants you to use the anticaptcha services - actually i don't have account to test it.

I do have an account to test it if the maintainer wants to try,

[coldhotstart]

The point here is to use their API. A browser is too heavy

the browser is used to get the cf_clearance cookie and UA, then use that to call the API. I am able to get to the

def part_three(self, token: str) -> None: """ We reuse the token from part to make a request to /api/auth/signin/auth0?prompt=login """ self.debugger.log("Beginning part three") url = "https://chat.openai.com/api/auth/signin/auth0?prompt=login" headers = { "Host": "ask.openai.com", "Origin": "https://chat.openai.com", "Connection": "keep-alive", "Accept": "/", "User-Agent": self.ua, "Referer": "https://chat.openai.com/auth/login", "Content-Length": "100", "Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8", "Content-Type": "application/x-www-form-urlencoded", } payload = f"callbackUrl=%2F&csrfToken={token}&json=true" response = self.session.post(url=url, headers=headers, cookies=self.cookies, data=payload) print("part_three response=" + str(response))

Part1 and Part2 passed .

[acheong08]

I can't get pass part1 even with the clearance cookie. I might be doing something wrong.

[Cubicpath]

@transitive-bullshit Once we get a clearanceToken, getting the accessToken should be the same as before, by calling https://chat.openai.com/api/auth/session with a valid session token. We should only need the clearanceToken for accessing the website.

[alexandreteles]

I can't get pass part1 even with the clearance cookie. I might be doing something wrong.

Are you matching the IP and user_agent of the browser used to obtain the clearance cookie?

[coldhotstart]

def begin(self) -> None: """ Begin the auth process """ self.debugger.log("Beginning auth process") if not self.email_address or not self.password: return

    if self.use_proxy:
        if not self.proxy:
            return

        proxies = {
            "http": self.proxy,
            "https": self.proxy,
        }
        self.session.proxies = proxies

    # First, make a request to https://chat.openai.com/auth/login
    # get cf_clearance
    self.ua = {}
    self.cookies = {}
    with sync_playwright() as p:
        browser = p.chromium.launch(headless=False)
        page = browser.new_page()
        sync_stealth(page, pure=True)
        page.goto('https://chat.openai.com/auth/login')
        res = sync_cf_retry(page)
        if res:
            cookies = page.context.cookies()
            for cookie in cookies:
                if cookie.get('name') == 'cf_clearance':
                    cf_clearance_value = cookie.get('value')
                    print(cf_clearance_value)
            ua = page.evaluate('() => {return navigator.userAgent}')
            print(ua)
        else:
            print("cf challenge fail")
        browser.close()
    url = "https://chat.openai.com/auth/login"
    self.ua = ua
    headers = {
                "Host": "ask.openai.com",
                "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
                "User-Agent": self.ua,
                "Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8",
                "Accept-Encoding": "gzip, deflate, br",
                "Connection": "keep-alive",
            }
    self.cookies = {"cf_clearance": cf_clearance_value}
    response = self.session.get(url=url, headers=headers, cookies=self.cookies)
    if response.status_code == 200:
        self.part_two()
    else:
        self.debugger.log("Error in part one")
        self.debugger.log("Response: ", end="")
        print(response.text)
        self.debugger.log("Status code: ", end="")
        self.debugger.log(response.status_code)
        raise Exception("API error")

def part_two(self) -> None:
    """
    In part two, We make a request to https://chat.openai.com/api/auth/csrf and grab a fresh csrf token
    """
    self.debugger.log("Beginning part two")
    headers = {
                "Host": "ask.openai.com",
                "Accept": "*/*",
                "Connection": "keep-alive",
                "User-Agent": self.ua,
                "Accept-Language": "en-GB,en-US;q=0.9,en;q=0.8",
                "Referer": "https://chat.openai.com/auth/login",
                "Accept-Encoding": "gzip, deflate, br",
            }
    url = "https://chat.openai.com/api/auth/csrf"
    response = self.session.get(url=url, headers=headers, cookies=self.cookies)
    if response.status_code == 200 and "json" in response.headers["Content-Type"]:
        csrf_token = response.json()["csrfToken"]
        print("csrf_token=" + csrf_token)
        self.part_three(token=csrf_token)
    else:
        self.debugger.log("Error in part two")
        self.debugger.log("Response: ", end="")
        self.debugger.log(response.text)
        self.debugger.log("Status code: ", end="")
        self.debugger.log(response.status_code)
        raise Exception("Error logging in")

[acheong08]

Since cloudflare expires, might as well use session tokens along with the clearance. Logging in with the token is too much work to maintain without adding functionality due to the clearance limit.

[nick-haoran]

由于 cloudflare 过期，还不如使用会话令牌和许可。由于许可限制，在不添加功能的情况下，使用令牌登录的维护工作量太大。

so do we have other solutions?

[acheong08]

Yes. Manually getting the cookies from the browser and putting them in the config (only allows 2 hours before manual refresh needed)

[acheong08]

This is a temporary solution which I will try to find a better one later

[coldhotstart]

the better way is to separate the token getting process from the token usage process. creating a token pool and just use chrome robot to get it, you are able to use that for 2Hrs , that's already enough. I am also working on one solution.

[Cubicpath]

I don't see an issue with keeping the current implementation, we only have to change step 1 so we get the clearanceToken, preferable with browser automation. Unless I'm missing something.

[acheong08]

I don't see an issue with keeping the current implementation, we only have to change step 1 so we get the clearanceToken, preferable with browser automation. Unless I'm missing something.

Browser automation is the issue. Not supported on headless instances

[acheong08]

I will build a way to use the clearance token but getting that token will be left to the users

[MohamedAliRashad]

This may not help with the current issue but i got the chance to try svg-captcha-solver and succeed in fixing the captcha request in the start.

[alexandreteles]

I will build a way to use the clearance token but getting that token will be left to the users

Sounds good to me.

Browser automation is the issue. Not supported on headless instances

It most definitely is, but I agree with you that how the token is obtained is a question users should answer. If I may, would it be possible to have it as an optional parameter instead of a required one? One could be using a proxy to bypass Cloudflare's shenanigans and not necessarily be forced to provide the clearenceToken sounds like a good idea.

[acheong08]

Current bypass: https://github.com/acheong08/ChatGPT/releases/tag/0.0.38.7

In config.json:

{
    "session_token": "<YOUR TOKEN>",
    "cf_clearance": "<cf_clearance cookie value>",
    "user_agent": "<USER_AGENT>"
}

[acheong08]

One could be using a proxy to bypass Cloudflare's shenanigans and not necessarily be forced to provide the clearenceToken sounds like a good idea.

Proxies don't help in this case

[acheong08]

If I may, would it be possible to have it as an optional parameter instead of a required one?

The whole thing doesn't work anymore without the cloudflare token

[Cubicpath]

Proxies don't help in this case

Do proxies work at all anymore? As long as you use the same proxy for all requests cf_clearance should be valid. Unless cloudflare blocks proxies :/

[htser]

I'm trying to use automated scripts to periodically fill in cookie

[Harry-Jing]

I'm trying to use automated scripts to periodically fill in cookie

by playwrite?

[alexandreteles]

One could be using a proxy to bypass Cloudflare's shenanigans and not necessarily be forced to provide the clearenceToken sounds like a good idea.

Proxies don't help in this case

There are solutions like cloudscraper and some paid/proprietary local proxy servers that are 100% able to bypass and/or make it easier to work around Cloudflare (the kind of tool scalpers genarally use), reason why I asked if passing as an optional argument would be possible

[acheong08]

Proxies don't help in this case

Do proxies work at all anymore? As long as you use the same proxy for all requests cf_clearance should be valid. Unless cloudflare blocks proxies :/

What I meant was that proxies can't bypass the need for a cf_clearance

[acheong08]

One could be using a proxy to bypass Cloudflare's shenanigans and not necessarily be forced to provide the clearenceToken sounds like a good idea.

Proxies don't help in this case

There are solutions like cloudscraper and some paid/proprietary local proxy servers that are 100% able to bypass and/or make it easier to work around Cloudflare (the kind of tool scalpers genarally use), reason why I asked if passing as an optional argument would be possible

I'm currently having class (school) right now. I'll try to look into it during lunch

[abacaj]

Proxies don't help in this case

Do proxies work at all anymore? As long as you use the same proxy for all requests cf_clearance should be valid. Unless cloudflare blocks proxies :/

What I meant was that proxies can't bypass the need for a cf_clearance

Just for reference any solution will be limited to IP/machine. Can't pass the cookie around.

On remote VM using same cookie:

[coldhotstart]

The hardest part is that the cloudflare will ask for Hcaptcha , so I don't think totally getting ride of web browser is possible at this point .