Closed eBerdnA closed 5 months ago
Hey, to clarify: The oauth code - the thing your user copy-pastes, or that you get via the callback URL if you use that flow, will work exactly once. You use this to log in, and you get an access token (you get the same type of token no matter how you log in, be that via password flow, oauth, whatever). This is what log_in returns, and will write to the file specified by to_file. Afterwards, you just use that file, or that token:
m = Mastodon(access_token = 'user_credential_temp.secret')
and that's that, you now have access. This is the thing you should persist (and should avoid posting publicly). The oauth code is just a temporary value that you can discard later.
Does that answer your questions?
Yes and thanks for your answer.
I just realized that my misassumption was that I still needed to execute log_in()
in subsequent runs. That sent me down the wrong path.
I'm somehow stuck understanding how the OAuth flow should be working. My understanding is that I need to get a consent from the user for the app to act on their behalf. Afterwards I can use the obtained OAuth token to login again.
init.py
The above one works as expected.
lists.py
But running
lists.py
results inInvalid access token or redirect_uris: ('Mastodon API returned error', 400, 'Bad Request', 'invalid_grant')
.What am I missing?