search

dilame / instagram-private-api

NodeJS Instagram private API SDK. Written in TypeScript.
MIT License
5.92k stars 1.13k forks source link

Best Practices around Account Usage? #1672

Open hhff opened 1 year ago

hhff commented 1 year ago

General Question

Hi there! I set up this library (it's excellent) with an account that I use often from my iPhone, too. It seems that the library triggered a bunch of suspicious activity that led Instagram to assume my account was phished, and it forced me to change the password.

(all completely understandable)

Form

Put an [x] if you meet the condition, else leave [ ].

Question

What is the best practice for ensuring Instagram doesn't detect phishing behavior? Should I have a dummy account that I use exclusively with this library?

FWIW - I commented out the await ig.simulate.preLoginFlow(); line in my code, because the snippet wasn't working with it in there (see below). Perhaps that's related to Instagram seeing this as phishing behavior?

Code

import type { NextApiRequest, NextApiResponse } from 'next';
import { IgApiClient } from 'instagram-private-api';

const ig = new IgApiClient();
ig.state.generateDevice(process.env.IG_USERNAME || '');
if (process.env.IG_PROXY) ig.state.proxyUrl = process.env.IG_PROXY;

export default async function handler(
  req: NextApiRequest,
  res: NextApiResponse<any>
) {
  try {
    let handle = req.query?.handle || '';
    handle = Array.isArray(handle) ? handle[0] : handle;

    // await ig.simulate.preLoginFlow(); <-- FYI - I commented this out because it was breaking the code!

    const auth = await ig.account.login(
      process.env.IG_USERNAME || '',
      process.env.IG_PASSWORD || ''
    );
    const user = await ig.user.searchExact(handle);
    const info = await ig.user.info(user.pk);
    res.status(200).json(info);
  } catch (e) {
    console.log(e);
    if (e instanceof Error) {
      return res.status(500).json({ error: e.message || "unexpected" });
    }
    res.status(500).json({ error: "unexpected" });
  }
}

Thank you for all of the excellent work here!! 💯

kingbotss commented 1 year ago

This library uses old api. so it is may trigger challenge/checkpoint or suspicious activity.

rohitpotato commented 1 year ago

@hhff any update on this? were you able to find a fix?

hhff commented 1 year ago

Sadly no. I just wait until the requests start failing and then I manually log on to the Insta account and reverify my credentials (which involves changing my password)

Then I update the password in my script and redeploy. Not good but hey. It works

On Sat, Apr 22, 2023 at 2:00 PM Rohit Kashyap @.***> wrote:

@hhff https://github.com/hhff any update on this? were you able to find a fix?

— Reply to this email directly, view it on GitHub https://github.com/dilame/instagram-private-api/issues/1672#issuecomment-1518717943, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAV3R7C55RCKGR5KHVVXQ4TXCQMERANCNFSM6AAAAAATVXTM6A . You are receiving this because you were mentioned.Message ID: @.***>

-- Hugh Francis

c/o Sanctuary Computer, Inc 110 Bowery, 4th FL New York, NY 10013 sanctuary.computer https://www.sanctuary.computer