Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v1 release] TODO list #280

Open
2 of 7 tasks
iMicknl opened this issue Dec 13, 2023 · 2 comments
Open
2 of 7 tasks

[v1 release] TODO list #280

iMicknl opened this issue Dec 13, 2023 · 2 comments

Comments

@iMicknl
Copy link
Owner

iMicknl commented Dec 13, 2023
edited
Loading

nest-protect-header

  • Fix open issues with cookie method
  • Full backwards compatibility for old authentication method
  • Cancel update task during restart
  • Add entity translations
  • Config Flow v2 to v3 migration
  • Add reauth flow for cookie
  • Check and clean cookies (make it easier for users to add this, if they make a mistake, try to clean them or ask again)

t.b.c.
@iMicknl iMicknl pinned this issue Dec 13, 2023
@jnxxx
Copy link

jnxxx commented Dec 14, 2023

Looks very interesting.

May I suggest to implement an evaluation of the given cookies.

I have used the integration myself for 10 months or so using the cookie method. The first 6 months it worked like a charm with no issues. Then the authentication broke for some reason. No worries, I just tried to configure it once again. It turned out to be troublesome and worked for only short periods.
It turned out I had not cleared my cookies properly. After reading the tip in issue #272 I got them from Incognito Mode, and now it seems to work again 🤞

What I notice is the difference in amount of cookies copied from the browser.
When stealing cookeis from Incognito Mode I get the following:

  • NID
  • __Secure-3PSID
  • __Secure-3PAPISID
  • __Host-3PLSID
  • __Secure-3PSIDCC

From a normal tab with improperly cleared cookies, I furthermore got:

  • 1P_JAR
  • CONSENT
  • __Secure-3PSIDTS

To help others, could it be an idea in the config + options flow to implement a check and a warning if the are more than the needed 5 cookies?
If not possible to implement just a warning, it could simply result in an error suggesting to use the Incognito Mode. But accept it if submitting the same string a second time.
If there is no better suggestion, I can give it a try with the implementation.

Secondly, if it experiences the USER_LOGGED_OUT exception, would it be an idea to stop it from retrying?
For two reasons:

  1. To avoid spamming the log
  2. In case it could interfere with the user trying to set up a new session

Lastly, it seems the HTTP session contains a cookie_jar, containing cookies set by previous responses. Would it be an idea to clear this upon configuration? Simply to avoid mixing cookies from multiple sessions.
(I ended up deleting the integration and then re-adding it, utilizing config rather than options flow. Not sure if it made a difference though.)

@iMicknl
Copy link
Owner Author

iMicknl commented Dec 14, 2023

@jnxxx thanks, good feedback! Personally I am still using the original auth method with a refresh token. The cookie method hasn't been developed by me, and the reason it isn't released yet in main, is because there are many open issues.

I just finished my work on the Overkiz (Somfy) integration in core, so hopefully the coming months I will have some more time to work on Nest Protect!

@iMicknl iMicknl changed the title [v2 release] TODO list [v1 release] TODO list Dec 30, 2024
@iMicknl iMicknl unpinned this issue Dec 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@iMicknl @jnxxx