specification
specification copied to clipboard
vrchatapi
Missing "requiresTwoFactorAuth" object
In the event the account requires 2FA, regardless of method, the CurrentUser object will be replaced with an object similar to
{"requiresTwoFactorAuth":["totp", "otp"]}
I have only seen this be totp and otp together, or emailOtp.
Given that some of the generated libraries do JSON validation, the absence of this causes an error. (however, you can circumvent this in languages like Javascript)
The problem is that the API returns "200" even if it returns this "error object", and we can't specify duplicate HTTP 200 responses in the spec, as they would have the same key.
You can specify that a code returns either, e.g. <User | ReqMFAAuth>, but almost no generator, and not all languages, support that. So due to this API design it is something we will have to fix in each SDK instead. We have already started patching some of them, like Python IIRC. But I can't immediatley think of a clean solution, unless VRC changes the API to return a different HTTP code for the two different objects.
We should create a tracking Issue for making sure the SDK's are patched on this issue.
Just found https://github.com/vrchatapi/specification/issues/259#issuecomment-1734237412 Which in doing so would likely resolve this as well as subsequent library/language specific issues
