Open pforero opened 4 years ago
Hello. Are you planning to merge this to the master? Will this resolve the 2FA login?
It would resolve it but the owner of this repo has been inactive for a few years now.
If you want you can install this package with this change like this:
pip install -U git+https://github.com/pforero/DegiroAPI.git@totp
Oh wow, thanks. It worked.
As a totp
variable I entered the 6-digit code as string from GoogleAuth.
res = degiro.login(
os.environ.get("DEGIRO_USERNAME"),
os.environ.get("DEGIRO_PASSWORD"),
os.environ.get("DEGIRO_TOTP") # '123456'
)
So am I correct, I have to always type the current code for this to work? Can't this be more automated so it can work in the background?
You can use a package that can generate the TOTP automatically, e.g. https://pypi.org/project/pyotp/
totp = pyotp.TOTP(DEGIRO_TOTP_SEED).now()
Getting your old DEGIRO_TOTP_SEED
may be pretty hard; Degiro won't give it to you for obvious safety reasons. You may need to turn off 2FA, then enable it again so that Degiro generates a new seed for you. You'll import the seed into your GoogleAuth again, plus you'll save it securely in a way so that your script can use it.
If Degiro doesn't show the seed as string (32 alphanumeric characters) you'll have to extract it from the QR code.
I hope I don't need to explain the security implication of doing all this.
EDIT: But I guess doing this is still better than not using 2FA at all...
I just figured it out too. Yeah, security implications are... "Don't get hacked" :-) And use it only on a secured machine. Yeah, but better than without 2FA.
For future reference, these were my steps:
1) Login into Degiro, disable 2FA. Then Enable 2FA (re-add to the google auth app) and scan the QR code with Google Lenses or another QR reader This shows an address in format:
otpauth://totp/DEGIRO:MYUSERNAME?algorithm=SHA1&issuer=DEGIRO&secret=MYSECRET&digits=6&period=30
2) Add MYSECRET to my local .env
file, then use pyotp
library to convert it to the 6-digit verification code.
# file: .env
DEGIRO_USERNAME="MYUSERNAME"
DEGIRO_PASSWORD="MYPASSWORD"
DEGIRO_TOTP="MYSECRET"
# file: main.py
import pyotp
import degiroapi
from dotenv import load_dotenv
def main():
load_dotenv()
totp = pyotp.TOTP(os.environ.get("DEGIRO_TOTP"), digits=6, interval=30)
res = degiro.login(
os.environ.get("DEGIRO_USERNAME"),
os.environ.get("DEGIRO_PASSWORD"),
totp.now())
Issue: Currently degrioapi does not permit log in with accounts that use Two Factor Authentication (2FA).
Solution: If in the DeGiro.login method the user provides a TOTP code, the login is done through the TOTP Log in URL, and provides the oneTimePassword as part of the login_payload.