questrade_api icon indicating copy to clipboard operation
questrade_api copied to clipboard
verified publisher icon tgardiner

Subsequent Auth Fails with Token

Open NimishVerma opened this issue 4 years ago • 4 comments

Hi Tom,

Neat project. I noticed something weird. I am using a FastAPI app, in my app.py I always make a connection and instantiate the Q object (= Questrade(refresh_token='XX') ). The first time I run the code it works fine, and a restart causes 400 bad requests. It only works if I change the refresh token from the dashboard or have Q = Questrade() (without the refresh token).

I figure this might be an issue with the API maybe.

NimishVerma avatar Jan 24 '21 01:01 NimishVerma

This code works fine BUT you must authenticate with the token first and only once. Thereafter use the cached OAuth credentials.

kerouac01850 avatar Feb 19 '21 00:02 kerouac01850

I'm running into the same issue. How can we validate if the access_token in ~/.questrade.json is still valid and if not use the refresh_token to get a new access_token

momelod avatar Mar 20 '21 01:03 momelod

I admit that managing the life cycle is not intuitive. You can check my fork of this repository to see where I added some behavior that removes OAuth state caching from the file system. Also look at my Python Connection class to see how it handles the API logic. For my application I didn't want files lying around that had valid OAuth credentials.

Possibly another way to do this without any modification of the API is to generate a new token and immediately delete ~/.questrade.json. Use the presence of ~/.questrade.json as a discriminant to figure out if the connection needs a token parameter.

kerouac01850 avatar Mar 20 '21 01:03 kerouac01850