Closed heyya closed 3 years ago
seeing the same:
Aug 04 08:51:45.880 TRCEthread ' main' panicked at 'signal: WantLogin failed',
src/credentials.rs:70:Aug 04 08:51:45.8809
DEBG response '403 Forbidden' for https://api.locastnet.org/api/user/login
stack backtrace:
0: 0x101fd819e - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h7dac4b58aa11870a
1: 0x10200fa6e - core::fmt::write::h53badd02f711efbe
2: 0x101fd38ca - std::io::Write::write_fmt::hd02c4bbaf6463567
3: 0x101fefdaf - std::panicking::default_hook::{{closure}}::ha7d22468d4529f02
4: 0x101fef93a - std::panicking::default_hook::hc6c5fb91e7ed228a
5: 0x101ff0320 - std::panicking::rust_panic_with_hook::h94fd567d38cd4da7
6: 0x101cf8b1d - std::panicking::begin_panic::{{closure}}::h6c14cb930dddbab1
7: 0x101cf7d48 - std::sys_common::backtrace::__rust_end_short_backtrace::h4e520f655c3fb092
8: 0x102015a4e - std::panicking::begin_panic::hb154d840813e5b7c
9: 0x101cbaf94 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::h632404acdc12e257
10: 0x101cceebd - locast2tuner::main::{{closure}}::h40dcba24c3f61291
11: 0x101ca0759 - tokio::macros::scoped_tls::ScopedKey<T>::set::h0f17ef64e7b449b5
12: 0x101ccd3d3 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::hfdb4f42fb84afef0
13: 0x101ca09a4 - tokio::macros::scoped_tls::ScopedKey<T>::set::h95a18e6ace5bdf78
14: 0x101c83f92 - tokio::runtime::Runtime::block_on::h56b530e73d8b57f6
First of all, it's somewhat unfortunate that y'all disregard issue templates put in place. With just a message "can't login", there is no way I can debug any of this.
That said, it seems locast.org has changed their login protocol and currently requires a client_id
to be passed on when logging in. I'll have a look what changes have been made and to see if I can add this.
It seems that locast implemented a captcha with Google ReCaptcha, which is probably hard to beat. I'll investigate more today, but this might be a tough one..
It seems that locast implemented a captcha with Google ReCaptcha, which is probably hard to beat. I'll investigate more today, but this might be a tough one..
btw the Google ReCaptcha was already there for a while, i think they just started enforcing it
It seems the api requires a client_id
and when I just use the one that the browser sends, I get the following message:
curl -X POST -d '{"username": "*****", "password":"*****' -H 'Content-Type: application/json' 'https://api.locastnet.org/api/user/login?client_id=*****'
{"code":403,"message":"Invalid captcha"}
It seems the api requires a
client_id
and when I just use the one that the browser sends, I get the following message:curl -X POST -d '{"username": "*****", "password":"*****' -H 'Content-Type: application/json' 'https://api.locastnet.org/api/user/login?client_id=*****' {"code":403,"message":"Invalid captcha"}
@wouterdebie strange, sure this wont work for long but i can use their captcha
curl --location --request POST 'https://api.locastnet.org/api/user/login/?client_id=CqhAMsBw%2BnxTXSJMLGqyOw%3D%3D' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "********",
"password": "*********",
"captcha": "03AGdBq26wxs7i01NT_gL4r74b63lW5pPdOokq6zZYCUIhktvEBRfGiFS5D4VmN-PZcv9l4VNEK7ZdDsw-NmKhLin2P8M2LiiTVUB2K3rLZi2HLB5YYGmNB2q8F_bVlvGy7zXgBsroDu3L2Nq8eQ8vFuzt3f-_EKJOpFxEIO5xR1t9_h72CEu2bJu3pOkANcs-CwahJYEJAOwEJsVGdWeLc5BUt4F1V5mBgfQZE6u0mOyzHd0VG_I3hyEmlcH3v9NmB73m8eHspvUXVcRSDvjYxAvOm_QTxBjoRIGk9gJwA6G3VEA6cO4an4wyaHkFtNvz46xc5n7vElT9bHcoNmTcf2BXjOIoHhccee6DmgA5W1mxTkfN0L8cX-pKr_ZGszlaEvQKvb7iqmTZysptMZ9TxO7A-sJxAbOf7ocQgavzTZxJiQpG2bi_OGyAMcH1YbA8PC08T7CUOuVL"
}'
Though it may not have anything to do with enforcing credential changes that have been lurking under the covers for a while, I can't help but think their new "profiles feature" may have something to do with differentiating a client from a device. They obviously would need to push out changes across all their platforms before turning on enforcement and I did have to click through some profile-related popup content on their website when I logged in this morning to see if there were any notable changes.
@CalebMuhia Thanks for this! I had totally missed that login request, since there are 2, where the first one is an OPTIONS request and the 2nd one is the actual POST. Now the question is how do we get the client_id and captcha programatically.
@jg-24 good point and it might very well be. That said, the problem remains the same.. We need to get the client_id and captcha in order to log in..
Aight.. I just found out that API calls with anything as a captcha work:
curl -X POST -d '{"username": ****, "password":"****, "captcha":"foo"}' -H 'Content-Type: application/json' 'https://api.locastnet.org/api/user/login?client_id=***'
{"token":"***"}
Aight.. I just found out that API calls with anything as a captcha work:
curl -X POST -d '{"username": ****, "password":"****, "captcha":"foo"}' -H 'Content-Type: application/json' 'https://api.locastnet.org/api/user/login?client_id=***' {"token":"***"}
@wouterdebie you are right, works for me too, not sure how long that would last, but its great for now, thanks for the infor
Indeed, works for me as well - at least for now...
Alright.. it seems that the client ID is hardcoded in /static/js/constants.js
(webpack packs this stuff, so it's really found in some main.XXX.chunk.js) and is the same everywhere. I've hardcoded this ID in locast2tuner, but this might break in the future.
Should be fixed in 0.1.46 which is building as I write this.
Came up fine for me. Thanks as always!
Just note there are a few other version bumps, because uploading of debian packages failed. But everything should be good now. That said, I really hope this is not going to break in the future..
Confirming that 0.1.48 is showing up on the PPA for me now. Thanks!
hey is there anyway this might work for locast2dvr even though i know its depreciated? Thanks
It will work, but I'm not going to backport it, since I really don't want that project to continue..
Okay is it something as simple as making a change in the config file?
And Im honestly trying to convert to locast2tuner since its the current adaptation, however im currently using windows 10 and a noob when it comes to using docker (which is what im trying to run it on through windows for plex). Is it possible to get some assistance setting it up?
@alvin3k you should just upgrade to the latest version. No need for config changes.
I did the update command from in the command prompt, but when i try to run it this is the error I get. Started randomly this morning same as with locast2tuner (which is coincidently enough how I found out about this).
C:\WINDOWS\system32>locast2dvr --config C:\Users\redacted\Desktop\locast2dvr-main\config.ini 2021-08-04 17:31:39 - INFO - Main: locast2dvr 0.8.1 running on CPython 3.9.1, Windows-10-10.0.19041-SP0 starting 2021-08-04 17:31:39 - INFO - LocastService: Logging in with redacted email 2021-08-04 17:31:39 - ERROR - Main: Login failed: 403 Client Error: Forbidden for url: https://api.locastnet.org/api/user/login
@alvin3k Let's not clutter up this issue with this - If you want to pop into the Glitter (link on the repo page), I can try to help you get locast2tuner running in Windows under Docker over the next day or so. @Croq360 is running it this way and sometimes shows up there, too.
I am unable to login to locast through locast2tuner on RPi. My locast account is good and verified at locast.org. I tried updating and even uninstalling and reinstalling locast2tuner. What am I missing? Thanks.
@jeffdiggstx not sure what you're missing.. Maybe add some more info? What version are your running? What do the logs say? What's you config?
Doing this for fHDHR right now
https://github.com/tgorgdotcom/locast2plex/issues/272#issuecomment-906024792
Been working fine. Today, getting Login Failed message.
Message: thread 'main' panicked at 'Login failed', src/credentials.rs:70:9