Automatic Reauthentication
Lots of people seem to be having trouble with the fact that this requires re-authentication with Amazon on a regular basis. However, there is no reason that this process couldn't be entirely automated. Getting a code sent to your phone that you have to enter is only one of the options supported by Amazon. They also support TOTP (Time-based One Time Password) tokens, and you can have both types, including multiple TOTP tokens, active at the same time.
I keep thinking I'm going to try and put together a PR for this, but I'm not a Python guy and I still haven't found the time to figure it out, so I was hoping that if I provided enough information about how it can work, then someone who already knows Python well enough to add support for this could beat me to it; then we all win.
The first thing you would need is a TOTP implementation in Python, like https://pyauth.github.io/pyotp/.
Then, instead of prompting for the username, password, and 2FA token, you would ask for the username, password, and shared secret, and whenever reauthentication is required you can use the shared secret to compute a current 2FA token.
For Amazon the way you get the shared secret is to go to https://www.amazon.com/a/settings/approval/setup/register and switch the radio button from ‘Phone number’ to ‘Authenticator App’. This will display a QR code for you to scan with something like Google Authenticator, but if you click on the “Can’t scan the barcode?” link underneath it will just give you the shared secret, which will be a bunch of 4-character groups of letters and numbers.
When first setting this up, you have to use that secret to generate the current 2FA token and enter it into the form. That verifies that the implementation gets the correct value and enables that TOTP token to log in to your Amazon account. After that, whenever reauthentication is required you can just use the shared secret again to generate the current TOTP token and not have to involve any humans in the process:
import pyotp

totp = pyotp.TOTP('shared secret goes here')  # the base32 secret from the Amazon setup page
current_2fa_token = totp.now()                # six-digit code for the current 30-second window
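The procedure above, carried through as a self-contained added example (this is not code from the issue or from the project). It implements RFC 4226/6238 HOTP/TOTP with the standard library instead of pyotp so it runs offline, normalizes the secret in the grouped form the post describes (treating that form as space-separated base32 is an assumption drawn from the description), and checks itself against the RFC's published test vectors, which is the offline counterpart of the post's "enter the current token into the form" verification. The environment variable name in the last comment is hypothetical. Two caveats a practitioner would want: the shared secret plus the password is everything needed to log in, so it must be stored with the same care as the password; and TOTP depends on the host clock, so a code that is rejected while its neighbours are accepted points to clock drift rather than a bad secret.

```python
"""Minimal RFC 6238 TOTP generator using only the standard library.

Added example, not code from the issue or the project: it does what the
post describes with pyotp, but without the dependency, so it can be run
and checked offline.  The secret format (groups of base32 characters
separated by spaces) is assumed from the post's description.
"""
from __future__ import annotations

import base64
import hashlib
import hmac
import struct
import time
from typing import List, Optional


def normalize_secret(displayed: str) -> bytes:
    """Turn the secret as the setup page displays it ('abcd efgh ...', any
    case, spaces between groups) into raw key bytes.

    Base32 uses A-Z and 2-7; the string is padded to a multiple of 8
    characters because base64.b32decode insists on it.
    """
    cleaned = "".join(displayed.split()).upper()
    if not cleaned:
        raise ValueError("empty secret")
    padded = cleaned + "=" * (-len(cleaned) % 8)
    try:
        return base64.b32decode(padded, casefold=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError(f"secret is not valid base32: {exc}") from exc


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter,
    dynamic truncation, then the low `digits` decimal digits."""
    msg = struct.pack(">Q", counter)
    mac = hmac.new(key, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: str, at: Optional[float] = None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP for a displayed base32 secret at Unix time `at`
    (default: now).  30-second step and 6 digits are the common
    authenticator-app defaults, and what pyotp.TOTP uses by default."""
    if at is None:
        at = time.time()
    return hotp(normalize_secret(secret), int(at) // step, digits)


def totp_window(secret: str, at: Optional[float] = None, skew_steps: int = 1) -> List[str]:
    """Codes for the previous, current and next 30-second step.  If a login
    rejects the current code but would accept a neighbour, the host clock
    is off; the secret is fine."""
    if at is None:
        at = time.time()
    return [totp(secret, at + k * 30) for k in range(-skew_steps, skew_steps + 1)]


# RFC 6238 Appendix B test key: the ASCII string "12345678901234567890",
# which is "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ" in base32.  Shown here with
# spaces to mimic the grouped form the setup page displays (assumed).
RFC_SECRET = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"


def self_check() -> bool:
    """Confirm the implementation against RFC 4226/6238 published values
    before trusting it with a real secret."""
    key = normalize_secret(RFC_SECRET)
    ok = hotp(key, 0) == "755224" and hotp(key, 1) == "287082"
    ok = ok and totp(RFC_SECRET, at=59, digits=8) == "94287082"
    ok = ok and totp(RFC_SECRET, at=1111111109, digits=8) == "07081804"
    ok = ok and totp(RFC_SECRET, at=1234567890, digits=8) == "89005924"
    return ok


if __name__ == "__main__":
    assert self_check()
    # With a real secret (e.g. read from a hypothetical AMAZON_TOTP_SECRET
    # variable) this is the value you would type into the 2FA form.
    print("current code for the RFC test key:", totp(RFC_SECRET))
```

Run it once as-is to confirm the self-check passes, then swap in the real secret; the token it prints should match what an authenticator app provisioned from the same QR code shows, and that is the value to enter on the setup form the post describes.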
Top GitHub Comments
While I can get behind having an OTP generator, I’m not going to agree to a captcha guesser. There’s no quicker way to lock an account than to repeatedly fail a captcha. If someone is going to get locked out, I’m making sure they’re the one typing stuff in.
So on initial implementation, are you thinking of adding a small delay and then see what experiences a wider audience has? After all, being that there are humans involved, and we already sometimes encounter random slow loads on things, 3 to 5 seconds would be pretty much unnoticed.