0

I want the user to input an account name so I can look for a matching token on storage. If the token exists I want to load a webview with the set cookie. This will aid in fast login when the user has multiple accounts. The cookie is getting set as def on_cookie_added is printing the token, but the page doesn't load with the user logged in.

Name: ACCESS_INFO
Value: 00000000%xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx%xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The 0s are the fixed user Id from Twitch, the x are generated characters generated by Stream Raiders. From the tokens I checked, it always has 111 characters in total
Domain: .www.streamraiders.com
Path: /
Expires: Time in ISO 8601 
Size: 122
HttpOnly: True
Secure: True
SameSite: Lax
Priority: Medium

Here's the code, very simple, gets user input and loads the webview. That is working properly.

import time
from PyQt5.QtWebEngineWidgets import QWebEngineView, QWebEnginePage
from PyQt5.QtCore import QUrl, QDateTime
from PyQt5.QtNetwork import QNetworkCookie
from PyQt5.QtWidgets import QApplication
from utils import constants
from utils.settings import open_file

name = input("Please insert the account name you want to access: ")
accounts = open_file(constants.py_accounts)
ACCESS_INFO = None

for account in accounts:
    if account["name"] == name:
        ACCESS_INFO = account["token"]
        break
else:
    print("Please insert the account you would like to access.")
    sys.exit()

app = QApplication([])

view = QWebEngineView()
page = QWebEnginePage()


store = page.profile().cookieStore()

store.deleteAllCookies()

cookie = QNetworkCookie()
cookie.setName(b"ACCESS_INFO")
cookie.setValue(ACCESS_INFO.encode("utf-8"))
cookie.setDomain(".www.streamraiders.com")
cookie.setPath("/")
expiration_date = QDateTime.currentDateTime().addDays(5)
cookie.setExpirationDate(expiration_date)
cookie.setHttpOnly(True)
cookie.setSecure(True)

store.setCookie(cookie, QUrl("https://www.streamraiders.com"))

view.setPage(page)

def on_cookie_added(cookie):
    cookie_name = cookie.name().data().decode()
    cookie_value = cookie.value().data().decode()
    if cookie_name == "ACCESS_INFO":
        print(cookie_value)
        time.sleep(5)
        view.setUrl(view.url())

store.cookieAdded.connect(on_cookie_added)

url = QUrl("https://www.streamraiders.com")
view.setUrl(url)

view.show()
app.exec_()

I've already tried type the domain in different ways such as without the leading dot, with https, without the expiration date. I've already tried passing only the name and the value. Nothing worked.

Any help is appreciated.

Improve this question
8
  • Calling setUrl() with the same url is completely pointless. You should at least use reload(). And you should also not use blocking functions like time.sleep() in the main UI thread; if you want to delay a function call, use QTimer.singleShot(). Commented Dec 14, 2023 at 17:49
  • I already did view.reload() before and didn't work. Did it again alongside QTimer.singleShot(), didn't work either. My idea here was to reload the page after the cookie is set. But it sleeps, reloads and the cookie is gone. Commented Dec 14, 2023 at 17:57
  • "It doesn't work" is an insufficient explanation. What doesn't work? Does the page reload or not? If the the reload does work, but the user is not logged, then either the cookie isn't properly set, or the server/page doesn't accept it as valid for that purpose. Commented Dec 14, 2023 at 18:00
  • It reloaded the page, but without the custom cookies. Anyways, case closed, the code is fine, it's the way the server handles the tokens (which is outside my control). Fresh tokens work, old tokens don't which I managed to reproduce both manually and with the script. This left me flabbergasted because these "invalid" tokens aren't allowing the user to log in using the browser session, but my app is using these same tokens perfectly fine to perform some automated http requests. Regardless, I added a note for the user to generate fresh tokens if they aren't working on the browser. Commented Dec 14, 2023 at 18:49
  • Note that in your token above you only showed us the initial zeroes, the following values are most certainly set from the server with some encryption in order to properly authenticate the user. It isn't clear if those x you used are placeholders or you actually did use x; in that case, it's obviously invalid: the server uses encrypted values in order to properly ensure that the authentication is valid (possibly with a server side expiration and a checksum), it obviously isn't sufficient to just set the user name in the cookie, otherwise there would be a huge security problem there. Commented Dec 14, 2023 at 18:57
Related questions
2883
How to upgrade all Python packages with pip
1960
How do I declare custom exceptions in modern Python?
1873
Use different Python version with virtualenv
Load 4 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.