Error: No Afg cookie

[dhut1832]

Describe the bug I get No Response for panel and all accessories in the Home app. After checking the homebridge log, I continue to see the error:

NOTE: I removed original values ever where you see “xxxx”

[Security System] Error: No afg cookie: ASP.NET_SessionId=xxxx; cookieTest=1; twoFactorAuthenticationId=xxxx; IsFromNewSite=1; fromASP=; IsFromSeamlessLogin=; login=; ST=; adc_e_loggedInAsSubscriber=1; twoFactorAuthenticationSkipped-7408041=false; BIGipServer~AlarmApplication~Alarm_WEBADC_Alarm_HTTPS=!xxxx= at /usr/local/lib/node_modules/homebridge-node-alarm-dot-com/node_modules/node-alarm-dot-com/dist/index.js:91:23 at runMicrotasks () at processTicksAndRejections (internal/process/task_queues.js:95:5)

To Reproduce

Expected behavior

security panel status should change

Screenshots

Homebridge System (please complete the following information):

• Node.js Version: 14.17.4
• NPM Version: 7.20.3
• Homebridge Version: 1.3.4
• Operating System: Raspbian
• Process Supervisor: hb-service

[DMBlakeley]

What version of the plug-in are you using? To use 2-factor authorization you need to use the beta version. You can load the beta version by selecting the wrench icon on the config-ui plugin page for the Homebridge Node Alarm Dot Com plugin and then selecting load previous version.

You can find details on obtaining the cookie here.

If you are already using the beta version then I would suggest that you obtain a new cookie.

[dhut1832]

I’m currently using version 1.7.1. I don’t have 2fa enabled on my account, so would going to the beta version even help? Or if I do go to the beta, do I need to enable 2fa?

[DMBlakeley]

I see in your original post that 2fa was skipped. Have you first tried restarting homebridge? You don't need to have 2fa enabled with the beta.

[dhut1832]

Yes I have restarted. It will work for a little while and then go back to the same error. The only way for me to get back working is to restart home bridge.

[dhut1832]

I have downloaded the beta version and will give it a try for a day or two to see if I still have the same issue. Thanks for the feedback.

[dhut1832]

Well hasn’t been a full day using the betta and already received the same error and panel showing no response in home app.

[DMBlakeley]

Do you have “Timeout to Re-Authenticate Session” and “Device Polling Interval” set to default values of 10 and 60 respectively? If set less than default this can result in issues.

The other item that I note from your system configuration is that you are using NPM Version: 7.20.3. The version that is installed with homebridge is v6.14.14. I have found that it is best to use the default NPM version loaded by homebridge rather than the latest version. May want to try reinstalling homebridge which will correct the NPM version.

I have been using with 2fa for quite some time now. There can be login issues that randomly occur that I have not found to be an issue with the plugin code but rather issues on the Alarm.com side.

[dhut1832]

I do have “Timeout to Re-Authenticate Session” and “Device Polling Interval” set to default values.

[DMBlakeley]

Would suggest reloading homebridge as next step. Also if you haven't done already double check Alarm.com account to confirm that 2fa is not enabled.

[Hoobsnewbie]

Tested with 1.7.2-beta.4 and still having the same issues as others. It will not pass through 2FA. Were there any updates to this solution? I am using hoobs.

[DMBlakeley]

I believe that you should be using 1.7.2-beta.9. I believe that 2fa was introduced after beta.4

[Hoobsnewbie]

I don't see a 1.7.2-beta.9 version Do you have a link to that version/plugin?

[DMBlakeley]

You would need to install through terminal:

npm install homebridge-node-alarm-com-beta.9

beta.10 should also work correctly which you can access directly through the config-ui plug-in interface.

The Wiki has instructions on how to get you 2fa token.

[Hoobsnewbie]

Thanks, Ill take a look and configure.

[JimmyDaGeek]

I'm also running without 2fa enabled on my account. I installed the 1.7.1 release today and received the cookie error. When you login to the alarm.com site via the UI it prompts you to "Set up your System" and enable 2fa. The UI allows you to skip this step. Looks like 2fa is only required the first time a device is used.

My recollection is CURL is used to send and retrieve the HTML, etc. Is this correct? Can I just set up 2fa and copy the cookie text into something I can use when a cookie is requested? Or are they using additional validation? I'm guessing we are using an undocumented API?

[DMBlakeley]

I would recommend using the 1.7.2 beta version which provides support for 2fA. The plugin Wiki has instructions on how to obtain the authorization cookie that is then entered in the settings for the plugin.

[omarshahine]

In my case I downloaded the beta, enabled 2FA and the error went away.