[Enhancement] Logout button.

[1337cookie]

Logout button would be good.

Could also consider opening the sign in page in the user's browser. Something feels funny about putting passwords into 3rd party applications and the user may also use a password manager.

[NathanaelA]

Logout button would be good.

For what Purpose? It allows you to have separate "running" directories for the db and cache so that you can have multiple users easily supported.

Could also consider opening the sign in page in the user's browser.

Idea is to be as dummy proof and USER Friendly to users as possible. I want novice users to be able to use this as-is without any "extra" learning curve. Btw, the end result is identical, copying the Auth-Key from the JSON to paste into the application or logging in to get the Auth-Key to be able to query/download assets doesn't change the "security" of the application.

[1337cookie]

Logout button would be good.

For what Purpose? It allows you to have separate "running" directories for the db and cache so that you can have multiple users easily supported.

I logged in to the wrong account to start with and It didn't have the asset I wanted to download. Uninstalling AMS didn't remove the stored session. I ended up deleting the app data folder but for most people I think that would be too much.

Could also consider opening the sign in page in the user's browser.

Idea is to be as dummy proof and USER Friendly to users as possible. I want novice users to be able to use this as-is without any "extra" learning curve. Btw, the end result is identical, copying the Auth-Key from the JSON to paste into the application or logging in to get the Auth-Key to be able to query/download assets doesn't change the "security" of the application.

If I have to login in with a 3rd party like Google etc I can imagine a lot of people don't like entering their credentials into something that Is not their chosen browser. Many browser based password managers exist that don't work in other applications. The login flow while using the default browser can be simpler than the browser built into your application in those cases and provide more security.

[NathanaelA]

I logged in to the wrong account to start with and It didn't have the asset I wanted to download. Uninstalling AMS didn't remove the stored session. I ended up deleting the app data folder but for most people I think that would be too much.

Ah, there actually is a command line that you can run that will purge everything in this case. Just checked the wiki, doesn't look like it is documented yet... But it is documented via the command line --help and it is --deletedb When I have some time, I'll make sure to get the command line values added to the wiki...

If I have to login in with a 3rd party like Google etc I can imagine a lot of people don't like entering their credentials into something that Is not their chosen browser. Many browser based password managers exist that don't work in other applications. The login flow while using the default browser can be simpler than the browser built into your application in those cases and provide more security.

The only issue is there is no way to get the auth value from the users default browser UNLESS the user copy and pastes an JSON response from epic's servers into a text field in my app, making this method of onboarding a lot more complex than just simply logging in and handling everything behind the scenes. Second, Epic has broken that method at least once that I'm aware of recently, and then every other launcher that used that type of method was broken until those authors updated their respected launchers to use a new api call. Mine shouldn't ever be broken, because it always uses the normal epic login flow and then grabs the cookies when they appear, and has multiple checks to see if the cookies are available EVEN if epic changes the final flow destinations. ;-) The only way for this to break, is if epic breaks their own launcher, which seems very unlikely. I might consider adding a "auth-code" login method, but it is a very low priority since the end result security is virtually the same, as the auth code is the keys to do anything as you.

Thanks for the suggestions!

[1337cookie]

Your app is very good and I appreciate it a lot. Without thinking about it I assumed the login was an openid/oauth type of scenario but it makes sense to me now that I needs to imitate a real session.