🚷 Invalid credentials? Error

[etuck]

I've had docker-wyze-bridge running for over a year. At some point in the last 5-7 days I started getting a credentials error. I hadn't updated either firmware or the bridge in some time although I've since updated the bridge in an attempt to fix the error.

I've removed the container and the directory and completely reinstalled but I still get that error,

The credentials work on both the Wyze website and in the app. I hadn't edited the credentials or anything else in the docker-compose.yaml in months before this happened. Nothing has changed on my network that I can think of...

This is what I'm seeing:

wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] 🚀 STARTING DOCKER-WYZE-BRIDGE v1.8.1 wyze-bridge | wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] 🔍 Could not find local cache for 'user' wyze-bridge | Serving Flask app 'frontend' wyze-bridge | Debug mode: off wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] 🔍 Could not find local cache for 'auth' wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] ☁️ Fetching 'auth' from the Wyze API... wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead. wyze-bridge | Running on all addresses (0.0.0.0) wyze-bridge | Running on http://127.0.0.1:5000 wyze-bridge | * Running on http://172.16.57.2:5000 wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] Press CTRL+C to quit wyze-bridge | 2022/08/12 20:57:19 [WyzeBridge] 🚷 Invalid credentials?

[mrlt8]

hmm, that is strange. Are you still getting the same error? I tried switching between my accounts and they're logging in correctly. I'll try to see if they've changed anything in their web API.

[etuck]

Yes, I'm still seeing it this morning. It's been happening for at least 5 days.

[Lukkasss]

Just to let you know, i was getting the same issue and I noticed in the github page that if you had special characters in your email/password, you should escape them. I tried it at first but it doesn't work either so I just changed my password to remove special characters and it worked. It must be an issue with the chars/encoding.

I was using docker command itself, not docker-compose

[etuck]

Thanks, that's a good thought but my password hasn't changed recently and it's alpha-numeric only - no special characters.

[c-schaer]

I am experiencing the same issue. Tried to escape the special characters in the password as well to no avail.

[Lukkasss]

I just did another test and seems that the problem that I had earlier was to do with the terminal encoding... I'm running docker in proxmox and i'm using the web console. I changed my password to the same that I was getting the error and then tried to escape it using a backslash ( \ ) and it worked this time. Not sure about alpha-numeric only.

@c-schaer are you using the docker run command? If yes, can you try to escape it with backslash ( \ ) to see if it works for you?

This is what worked for me

docker run \
  -e WYZE_EMAIL=hello@world.com \
  -e WYZE_PASSWORD=\$abcdefgh123 \
  -p 1935:1935 -p 8554:8554 -p 8888:8888 -p 5000:5000 \
  mrlt8/wyze-bridge:latest

[c-schaer]

@Lukkasss I'm using Proxmox aswell, but ssh'd in. I tried with both the console and docker-compose with no luck, even with backslash to escape. I actually got it to work by just changing my pass to have no special characters.

[etuck]

I just tried changing my password via the app. No luck.

[cheme75]

Maybe irrelevant to this particular installation, but my password has special characters and there are no issues reading it directly - using docker-compose.yml on win10 docker container.

[mrlt8]

@etuck's credentials used to work, so I don't think it's a special character issue. Are you running the server locally or is it on a remote server?

Can you log in if you make a post request directly to their server?

curl -i --request POST \
  --url https://auth-prod.api.wyze.com/user/login \
  --header 'content-type: application/json' \
  --header 'user-agent: wyze_ios_2.33.0.17' \
  --header 'x-api-key: WMXHYf79Nr5gIlt3r0r7p9Tcw5bvs6BB4U8O8nGJ' \
  --data '{"email":"me@mail.com","password":"md5HashedPassword"}'

You need to triple md5 hash your password with something like:

printf  "MyPassword" | md5sum | awk '{printf $1}' | md5sum | awk '{printf $1}' | md5sum | awk '{printf $1}'  

[etuck]

After hashing the password, the response I get from that call is: {"description":"Invalid User Name or Password.","requestId":"0d73b6aa-011a-4892-b571-1819e94e8eee","errorCode":1000}

I sanity-checked the credentials again by logging on through the app and it worked. I'm running it from a local RaspberryPi 4.

[mrlt8]

Weird. Could you see if the beta api and key make any difference?

curl -i --request POST \
  --url https://auth-beta.api.wyze.com/user/login \
  --header 'content-type: application/json' \
  --header 'user-agent: wyze_ios_2.33.0.17' \
  --header 'x-api-key: J17ZA91bBI1hoOKv6WW7693cNkcG8mBt9i29gxOu' \
  --data '{"email":"me@mail.com","password":"md5HashedPassword"}'

[etuck]

Ok, I got an access token in that response. Here's what I got with some values redacted: {"access_token":"[token]","refresh_token":"[another token]","user_id":"[user_id]","mfa_options":null,"mfa_details":null,"sms_session_id":null}

[mrlt8]

That's great, but I want to avoid using the beta server if possible as they could change things up at any time.

Does the x-api-key from the android app work for you?

  --header 'x-api-key: RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm' \

[etuck]

Yes, that one worked too. It seems to be just the "WMXHYf79Nr5gIlt3r0r7p9Tcw5bvs6BB4U8O8nGJ'" API key that's not working.

[mrlt8]

Potential fix in the dev build. Can change the x-api-key by using the ENV:

- WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm

Edit: this has been merged into v1.8.4

[etuck]

Thanks for that. I tried setting the new ENV and now I'm getting:

wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] 🚀 STARTING DOCKER-WYZE-BRIDGE v1.8.4 wyze-bridge | wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] 🔍 Could not find local cache for 'user' wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] 🔍 Could not find local cache for 'auth' wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] ☁️ Fetching 'auth' from the Wyze API... wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] Using custom WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm wyze-bridge | Serving Flask app 'frontend' wyze-bridge | Debug mode: off wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead. wyze-bridge | Running on all addresses (0.0.0.0) wyze-bridge | Running on http://127.0.0.1:5000 wyze-bridge | * Running on http://172.16.57.2:5000 wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] Press CTRL+C to quit wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] 🚷 Invalid credentials? wyze-bridge | 2022/08/18 13:12:19 [WyzeBridge] 400 Client Error: Bad Request for url: https://auth-prod.api.wyze.com/user/login

I'm just realizing that I probably did the test for the android app x-api-key incorrectly. I didn't change the url to https://auth-prod.api.wyze.com/user/login. I used https://auth-beta.api.wyze.com/user/login again.

This does not work: curl -i --request POST \ --url https://auth-prod.api.wyze.com/user/login \ --header 'content-type: application/json' \ --header 'user-agent: wyze_ios_2.33.0.17' \ --header 'x-api-key: RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm' \ --data '{"email":"[email]","password":"[password]"}'

While this does: curl -i --request POST \ --url https://auth-beta.api.wyze.com/user/login\ --header 'content-type: application/json' \ --header 'user-agent: wyze_ios_2.33.0.17' \ --header 'x-api-key: RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm' \ --data '{"email":"[emaill","password":"[password]"}'

[mrlt8]

Ok, added the ENV WYZE_BETA_API=True that will use https://auth-beta.api.wyze.com/user/login

Changes should be in the dev branch which you should be able to run using mrlt8/wyze-bridge:dev

[etuck]

Yes, that does work! Thanks again!

Just curious, any idea why I am having this credentials problem when no one else seems to?

[mrlt8]

Awesome! Are you currently running any of the beta apps/firmware? It seems like they did have some server issues last week so maybe your account never got lost in the mix? I really have no idea, since you were able to log in/out of the official app which uses auth-prod.

Edit: are you running pi-hole or some other custom DNS server that could interfere with the request?

[ChiefChokeAHo]

Yes, that does work! Thanks again!

Just curious, any idea why I am having this credentials problem when no one else seems to?

I'm having this issue too. I just tried installing this 2 days ago. And I've gotten nothing but "🚷 Invalid credentials?" I am running beta firmwares so I haven't tried the beta login yet. I will later this afternoon.

[VorlonCD]

Hey @mrlt8, I'm getting Invalid Credentials also. With DEBUG_LEVEL=debug, I see this error:

400 Client Error: Bad Request for url: https://auth-prod.api.wyze.com/user/login

Previously had it running successfully for a few weeks with Docker on a nVidia JETSON, decided to shut it down and move it over to a Windows 11 machine with docker.

Right about that time I noticed in the wyze web ui that if I logged out I couldnt log back in again. Too many attempts, account locked or very similar. So I logged out of wyze on all devices, waited somewhere around 2 hours and was able to log in via browser again without issue on two different machines and back in the Android version of the app.

During the account locked message in the web UI I was always able to log out and log in the Android Wyze app!

I've tried escaping the # and ^ in my password with a $ even though those are not special characters.

I've tried it with and without WYZE_BETA_API=True, and with and without the WYZE_APP_API_KEY setting from above, without change.

I have recently enabled 2 factor, and it has let me in the app and 2 other machines with SMS code.

My current command line: docker run -dit -e WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm -e DEBUG_LEVEL=debug -e ENABLE_AUDIO=True -e WYZE_EMAIL=xxxx@xxx.com -e WYZE_PASSWORD=1234#abcdef^jkl -p 1935:1935 -p 8554:8554 -p 8888:8888 -p 5001:5000 --restart unless-stopped mrlt8/wyze-bridge:latest

The full log:

[frontend][INFO][WyzeBridge] create_app
[WyzeBridge][INFO][WyzeBridge] 🚀 STARTING DOCKER-WYZE-BRIDGE v1.8.7
[WyzeBridge][INFO][WyzeBridge] 🔍 Could not find local cache for 'user'
 * Serving Flask app 'frontend'
[WyzeBridge][INFO][WyzeBridge] 🔍 Could not find local cache for 'auth'
 * Debug mode: off
[WyzeBridge][INFO][WyzeBridge] ☁️ Fetching 'auth' from the Wyze API...
[WyzeBridge][INFO][WyzeBridge] Using custom WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm
[py.warnings][WARNING][WyzeBridge] WARNING: unclosed <socket.socket fd=4, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=0, laddr=('0.0.0.0', 0)>
[werkzeug][INFO][WyzeBridge] WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
 * Running on all addresses (0.0.0.0)
 * Running on http://127.0.0.1:5000
 * Running on http://172.17.0.4:5000
[werkzeug][INFO][WyzeBridge] Press CTRL+C to quit
[urllib3.connectionpool][DEBUG][WyzeBridge] Starting new HTTPS connection (1): auth-prod.api.wyze.com:443
[urllib3.connectionpool][DEBUG][WyzeBridge] https://auth-prod.api.wyze.com:443 "POST /user/login HTTP/1.1" 400 None
[WyzeBridge][WARNING][WyzeBridge] 🚷 Invalid credentials?
[WyzeBridge][WARNING][WyzeBridge] 400 Client Error: Bad Request for url: https://auth-prod.api.wyze.com/user/login
[WyzeBridge][INFO][WyzeBridge] ☁️ Fetching 'auth' from the Wyze API...
[WyzeBridge][INFO][WyzeBridge] Using custom WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm
[urllib3.connectionpool][DEBUG][WyzeBridge] Starting new HTTPS connection (1): auth-prod.api.wyze.com:443
[urllib3.connectionpool][DEBUG][WyzeBridge] https://auth-prod.api.wyze.com:443 "POST /user/login HTTP/1.1" 400 None
[WyzeBridge][WARNING][WyzeBridge] 🚷 Invalid credentials?
[WyzeBridge][WARNING][WyzeBridge] 400 Client Error: Bad Request for url: https://auth-prod.api.wyze.com/user/login

Thanks!

[mrlt8]

I believe @etuck needed to use WYZE_BETA_API=True and WYZE_APP_API_KEY=RckMFKbsds5p6QY3COEXc2ABwNTYY0q18ziEiSEm at the same time to get it to work.

Will try to see if they made any changes to the app.

[VorlonCD]

Hmm nope. Same error. I went as far as uninstalling Docker, WSL2 and did a full re-install. Using Ubuntu as my default WSL distro and I went in and did an app and distro update before trying again.

2022/09/09 19:09:11 [urllib3.connectionpool][DEBUG][WyzeBridge] https://auth-beta.api.wyze.com:443 "POST /user/login HTTP/1.1" 400 None
2022/09/09 19:09:11 [WyzeBridge][WARNING][WyzeBridge] 🚷 Invalid credentials?
2022/09/09 19:09:11 [WyzeBridge][WARNING][WyzeBridge] 400 Client Error: Bad Request for url: https://auth-beta.api.wyze.com/user/login

Also most likely unrelated but it took me a while to figure out why I was getting a Docker port bind error for 1935. It started happening after a windows update, but this helped me fix: https://stackoverflow.com/questions/65272764/ports-are-not-available-listen-tcp-0-0-0-0-50070-bind-an-attempt-was-made-to

[VorlonCD]

@mrlt8 - Finally! I took the # and ^ out of my password and made it just a lot of random letters and numbers. Logged right in normally and got the 2fa prompt.

Part of it may also have been I changed my password in the app. Too many password attempts may have been causing the same 400 error as above.

Did NOT have to use the beta api or key to get it to work.

FYI when using docker at a command prompt in Windows a $ does not work as an escape character. When my password had a caret ^ and I had to use ^^ to get it to show up correctly in the docker INSPECT tab. But to make it complicated other special characters have different escape chars! Maybe this should be on front page? https://www.robvanderwoude.com/escapechars.php

In the end its just easier to change the password so it doesn't have any special characters.

[mrlt8]

Awesome! I have been planning to redo the authentication so that we could add an option to use the WebUI to pass the login info to the container, and/or an option to use the access token directly.

[qcontinuum1701]

I'm having the same authentication issue. I tried escaping the special character but it didn't work. When I connected to the console, and echo'd the WYZE_PASSWORD var, it had everything up to the special character. I tried to change the password to not include a special character but Wyze won't allow that.

[mrlt8]

@qcontinuum1701 does putting your password in quotes help?

- "WYZE_PASSWORD=!@#$$%^&*()./,[]=-+_><"

[qcontinuum1701]

I tried \ and putting single quotes just around the password. I'll try again w the double quotes.

On Sun, Nov 6, 2022, 9:09 AM mrlt8 @.***> wrote:

@qcontinuum1701 https://github.com/qcontinuum1701 does putting your password in quotes help?

• "WYZEPASSWORD=!@#$$%^&*()./,[]=-+><"

— Reply to this email directly, view it on GitHub https://github.com/mrlt8/docker-wyze-bridge/issues/505#issuecomment-1304810513, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGZE5PNAD6B2WKP22RGLCDLWG6UZBANCNFSM56M37HAA . You are receiving this because you were mentioned.Message ID: @.***>

[qcontinuum1701]

double quoting the password didn't help. Not sure if it matters but I'm running this in Portainer as a Stack per the instructions on the site.

On Sun, Nov 6, 2022 at 9:09 AM mrlt8 @.***> wrote:

@qcontinuum1701 https://github.com/qcontinuum1701 does putting your password in quotes help?

• "WYZEPASSWORD=!@#$$%^&*()./,[]=-+><"

— Reply to this email directly, view it on GitHub https://github.com/mrlt8/docker-wyze-bridge/issues/505#issuecomment-1304810513, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGZE5PNAD6B2WKP22RGLCDLWG6UZBANCNFSM56M37HAA . You are receiving this because you were mentioned.Message ID: @.***>

[qcontinuum1701]

Nevermind I found it. Didn't see the fine print where I had to redeploy for env changes to take effect.

[jack5mikemotown]

Just to let you know, i was getting the same issue and I noticed in the github page that if you had special characters in your email/password, you should escape them

Thank you, this fixed my issue!

[talormanda]

Just to let you know, i was getting the same issue and I noticed in the github page that if you had special characters in your email/password, you should escape them

Thank you, this fixed my issue!

how did you escape them correctly?