Should the authtoken be cached accross sessions?

[tstibbs]

It's not totally obvious from the login guide whether the authtoken is meant to be cached for the current session or whether it's meant to be cached long-term.

I'm keen not to get my app blocked by blink, so want to act in a way that is likely to be acceptable!

I am aware that it might be possible that no one in this community knows the answer, but thought it was worth asking here.

[axid2006]

https://github.com/nayrk/Blink/issues/14 this is working FINE! with entering PIN code!

[clipod]

I am waiting for the answer too. The API is misleading to create a new token. I am trying to build a serverless functionality and hoping I wont get blocked too. Crazy part is, the token alive for 12+ hours. Not sure whats the expiry strategy.

[MarkusKress]

I'm logon very time with a new session. I have about 50 up to 100 sessions each day. I highly recommend to check if the login was ok or not after each login. If not, I write a file to remember the last login was not ok and don't try to login anymore. In this case, I creating a dummy picture with a message within (using convert). This is something I've learned after my account was blocked.

By the way, I had some days before a problem with my Alexa app. I've got every 5 minutes a message from Alexa app that a new camera system was found. I don't know if these messages are somehow related, but for the message spam from Alexa app, I've opened a ticket at the Alexa support. After some days, they call me and asked me if I use a software called blinkpy. The Alexa support linked both problems, because of my email address I've used with blink and Alexa.

venkat chinni @.***> schrieb am Di., 30. Jan. 2024, 18:13:

I am waiting for the answer too. The API is misleading to create a new token. I am trying to build a serverless functionality and hoping I wont get blocked too. Crazy part is, the token alive for 12+ hours. Not sure whats the expiry strategy.

— Reply to this email directly, view it on GitHub https://github.com/MattTW/BlinkMonitorProtocol/issues/50#issuecomment-1917517608, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADD5Q2AZNIZNUQESU6F3Z7LYRES5BAVCNFSM4W44GSL2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOJRG42TCNZWGA4A . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[clipod]

I'm logon very time with a new session. I have about 50 up to 100 sessions each day. I highly recommend to check if the login was ok or not after each login. If not, I write a file to remember the last login was not ok and don't try to login anymore. In this case, I creating a dummy picture with a message within (using convert). This is something I've learned after my account was blocked. By the way, I had some days before a problem with my Alexa app. I've got every 5 minutes a message from Alexa app that a new camera system was found. I don't know if these messages are somehow related, but for the message spam from Alexa app, I've opened a ticket at the Alexa support. After some days, they call me and asked me if I use a software called blinkpy. The Alexa support linked both problems, because of my email address I've used with blink and Alexa. venkat chinni @.> schrieb am Di., 30. Jan. 2024, 18:13: … I am waiting for the answer too. The API is misleading to create a new token. I am trying to build a serverless functionality and hoping I wont get blocked too. Crazy part is, the token alive for 12+ hours. Not sure whats the expiry strategy. — Reply to this email directly, view it on GitHub <#50 (comment)>, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADD5Q2AZNIZNUQESU6F3Z7LYRES5BAVCNFSM4W44GSL2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOJRG42TCNZWGA4A . You are receiving this because you are subscribed to this thread.Message ID: @.>

I think I understand the gist. This is extremely helpful. I am feeling the same too to cache the token and create a new one only if the existing one expires. For anyone who is trying to know if a session expired or not, the API will respond with a 401 HTTP status code when using an expired token which can be used as a condition for requesting new token.