Automating Login for Cloud Functions

[dennis-dsi]

Hi, first of all thank you so much for maintaining this project! The API is amazing!

I wanted to deploy my project in the cloud to avoid manually running the scripts to track my music. Everything worked great until I just noticed, that the key expired and I had to manually go in and update it.

For some reason, all login methods require human interventation, like loggin into the browser or pasting the URL in the console. I just tried the simple login(username, password) method, but I got 401 Client Error: Unauthorized for url: https://api.tidal.com/v1/login/username this error. Even if I don't use the refresh token, the session has an expiary date.

What would you suggest is the best way to deploy this in the cloud without having to manually update the access token every week?

[tehkillerbee]

It's true, the first login requires human intervention. But all following re authentication should be completely automatic and is handled if/when the token has expired.

Saving the token to a file and reloading this token again should be all that is needed. Are you not saving / reloading the token from file?

[dennis-dsi]

Sorry, I don't know to which function you are refering to :)

I am assuming that the login(username, password) is not compatable with the Tidal API, because I receive the requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: https://api.tidal.com/v1/login/username error.

So I would manually run session.login_oauth_simple() one time and get the access_token and then just run load_oauth_session without any adjustments? But this function does not update the token automatically and will return False after a week or so.

The last thing is the login_session_file, but I don't want to save my creds in the code path, because this would not be secure, so I am unsure as to how to proceed. :/

[tehkillerbee]

Login using password is long deprecated (and should be removed).

You can't use login_oauth_simple() directly like that if you want to avoid having to sign in whenever the token expires.

You will need to use session.login_session_file() to load the session as this will take care of refreshing the token as well.

You can find a good example in the python scripts you find in the example directory.

If you want to reload the session, there is no way around storing the auth token file /somewhere/

What kind of cloud are you using where you may risk someone else accessing your access token file? I assume you would have the exact same issue when you entered the access token manually - the token is stored somewhere and is therefore visible if someone gains access to the system.

[dennis-dsi]

Okay thank you, this help me!

I am using GCP and for good practices I don't want to save the token in the same file in case I share the code without removing this. But I will just use the login_session_file that automatically refreshes.