Merge pull request #13 from Katistic/master

Two-Factor-Auth login + examples and small fixes

Author: Katistic

.gitignore

@@ -128,3 +128,4 @@ dmypy.json
 publish.cmd
 test.py
 atest.py
+apitester.py

examples/async/Login Logout.py

@@ -0,0 +1,31 @@
+import asyncio
+import vrcpy
+
+# Normal vanilla login
+async def main():
+    # Initialise vrcpy wrapper client and login with username + password
+    client = vrcpy.AClient()
+    await client.login("***REMOVED***", "***REMOVED***")
+
+    # Close client session, invalidate auth cookie
+    await client.logout()
+
+# 2-Factor-Auth account login
+def twofactorauth():
+    # Initialise vrcpy wrapper client
+    client = vrcpy.AClient()
+
+    # Login with username + password, then verify 2-factor-auth code
+    # Can be done in 1 line via:
+    #   await client.login2fa("username", "password", code="123456", verify=True)
+    await client.login2fa("username", "password")
+    await client.verify2fa("123456")
+
+    # Close client session, invalidate auth cookie
+    await client.logout()
+
+def run_main():
+    asyncio.get_event_loop().run_until_complete(main())
+
+def run_2fa():
+    asyncio.get_event_loop().run_until_complete(twofactorauth())

examples/sync/Login Logout.py

@@ -0,0 +1,24 @@
+import vrcpy
+
+# Normal vanilla login
+def main():
+    # Initialise vrcpy wrapper client and login with username + password
+    client = vrcpy.Client()
+    client.login("username", "password")
+
+    # Close client session, invalidate auth cookie
+    client.logout()
+
+# 2-Factor-Auth account login
+def twofactorauth():
+    # Initialise vrcpy wrapper client
+    client = vrcpy.Client()
+
+    # Login with username + password, then verify 2-factor-auth code
+    # Can be done in 1 line via:
+    #   client.login2fa("username", "password", code="123456", verify=True)
+    client.login2fa("username", "password")
+    client.verify2fa("123456")
+
+    # Close client session, invalidate auth cookie
+    client.logout()

vrcpy/__init__.py

@@ -1,6 +1,6 @@
 __title__ = "vrcpy"
 __author__ = "Katistic"
-__version__ = "0.6.5"
+__version__ = "0.6.7"
 
 from vrcpy.client import Client
 from vrcpy.client import AClient

vrcpy/client.py

@@ -274,12 +274,69 @@ def login(self, username, password):
         self.me = objects.CurrentUser(self, resp["data"])
         self.loggedIn = True
 
+    def login2fa(self, username, password, code=None, verify=False):
+        '''
+        Used to initialize client for use (for accounts with 2FactorAuth)
+
+            username, string
+            Username of VRC account
+
+            password, string
+            Password of VRC account
+
+            code, string
+            2FactorAuth code
+
+            verify, boolean
+            Whether to verify 2FactorAuth code, or leave for later
+
+        This will ignore the RequiresTwoFactorAuthError exception, so be careful!
+        If kwarg verify is False, Client.verify2fa() must be called after
+        '''
+
+        if self.loggedIn: raise AlreadyLoggedInError("Client is already logged in")
+
+        auth = username+":"+password
+        auth = str(base64.b64encode(auth.encode()))[2:-1]
+
+        resp = None
+
+        try:
+            resp = self.api.call("/auth/user", headers={"Authorization": "Basic "+auth}, no_auth=True, verify=False)
+            raise_for_status(resp)
+        except RequiresTwoFactorAuthError:
+            self.api.set_auth(auth)
+            self.api.session.cookies.set("auth", resp["response"].cookies["auth"]) # Auth cookieeee
+            if verify:
+                self.needsVerification = True
+                self.verify2fa(code)
+            else: self.needsVerification = True
+
+    def verify2fa(self, code):
+        '''
+        Used to finish initializing client for use after Client.login2fa()
+
+            code, string
+            2FactorAuth code
+        '''
+
+        if self.loggedIn: raise AlreadyLoggedInError("Client is already logged in")
+
+        resp = self.api.call("/auth/twofactorauth/totp/verify", "POST", json={"code": code})
+        resp = self.api.call("/auth/user")
+
+        self.me = objects.CurrentUser(self, resp["data"])
+        self.loggedIn = True
+        self.needsVerification = False
+
     def __init__(self, verify=True, caching=True):
         self.api = Call(verify)
         self.loggedIn = False
         self.me = None
         self.caching = caching
 
+        self.needsVerification = False
+
 class AClient(Client):
     '''
     Main client interface for VRC
@@ -541,10 +598,70 @@ async def login(self, username, password):
 
         await self.me.cacheTask
 
+    async def login2fa(self, username, password, code=None, verify=False):
+        '''
+        Used to initialize client for use (for accounts with 2FactorAuth)
+
+            username, string
+            Username of VRC account
+
+            password, string
+            Password of VRC account
+
+            code, string
+            2FactorAuth code
+
+            verify, boolean
+            Whether to verify 2FactorAuth code, or leave for later
+
+        This will ignore the RequiresTwoFactorAuthError exception, so be careful!
+        If kwarg verify is False, AClient.verify2fa() must be called after
+        '''
+
+        if self.loggedIn: raise AlreadyLoggedInError("Client is already logged in")
+
+        auth = username+":"+password
+        auth = str(base64.b64encode(auth.encode()))[2:-1]
+
+        resp = None
+
+        try:
+            resp = await self.api.call("/auth/user", headers={"Authorization": "Basic "+auth}, no_auth=True, verify=False)
+            raise_for_status(resp)
+        except RequiresTwoFactorAuthError:
+            self.api.openSession(auth)
+            self.api.session.cookie_jar.update_cookies([["auth", resp["response"].headers["Set-Cookie"].split(';')[0].split("=")[1]]])
+
+            if verify:
+                self.needsVerification = True
+                await self.verify2fa(code)
+            else:
+                self.needsVerification = True
+
+    async def verify2fa(self, code):
+        '''
+        Used to finish initializing client for use after AClient.login2fa()
+
+            code, string
+            2FactorAuth code
+        '''
+
+        if self.loggedIn: raise AlreadyLoggedInError("Client is already logged in")
+
+        await self.api.call("/auth/twofactorauth/totp/verify", "POST", json={"code": code})
+        resp = await self.api.call("/auth/user")
+
+        self.me = aobjects.CurrentUser(self, resp["data"])
+        self.loggedIn = True
+        self.needsVerification = False
+
+        await self.me.cacheTask
+
     def __init__(self, verify=True, caching=True):
         super().__init__()
-
         self.api = ACall(verify=verify)
         self.loggedIn = False
         self.me = None
         self.caching = caching
+
+        self.needsVerification = False

vrcpy/errors.py

@@ -10,8 +10,12 @@ class NotAuthenticated(Exception):
     ## When user tries to call authenticated requests without setting b64_auth
     pass
 
-class TwoFactorAuthNotSupportedError(Exception):
-    ## When trying to login with 2fa enabled account
+class RequiresTwoFactorAuthError(Exception):
+    ## When trying to login with 2fa enabled account without Client.login2fa()
+    pass
+
+class InvalidTwoFactorAuth(Exception):
+    ## When 2fa code passed for verification is incorrect
     pass
 
 class AlreadyLoggedInError(Exception):

vrcpy/objects.py

@@ -45,14 +45,14 @@ def _objectIntegrety(self, obj):
         if self.only == []:
             for key in self.unique:
                 if not key in obj:
-                    raise IntegretyError("Object does not have unique key ("+key+") for "+self.objType)
+                    raise IntegretyError("Object does not have unique key ("+key+") for "+self.objType+" (Class definition may be outdated, please make an issue on github)")
         else:
             for key in obj:
                 if not key in self.only:
-                    raise IntegretyError("Object has key not found in "+self.objType)
+                    raise IntegretyError("Object has key not found in "+self.objType+" (Class definition may be outdated, please make an issue on github)")
             for key in self.only:
                 if not key in obj:
-                    raise IntegretyError("Object does not have requred key ("+key+") for "+self.objType)
+                    raise IntegretyError("Object does not have requred key ("+key+") for "+self.objType+" (Class definition may be outdated, please make an issue on github)")
 
 ## Avatar Objects
 

vrcpy/request.py

@@ -10,13 +10,20 @@ def raise_for_status(resp):
         resp["data"] = json.loads(resp["data"].decode())
 
     def handle_400():
-        if resp["data"]["error"]["message"] == "These users are not friends":
-            raise NotFriendsError("These users are not friends")
-        elif resp["data"]["error"]["message"] == "\"Users are already friends!\"":
-            raise AlreadyFriendsError("Users are already friends!")
+        if "error" in resp["data"]:
+            if resp["data"]["error"]["message"] == "These users are not friends":
+                raise NotFriendsError("These users are not friends")
+            elif resp["data"]["error"]["message"] == "\"Users are already friends!\"":
+                raise AlreadyFriendsError("Users are already friends!")
+        elif "verified" in resp["data"]:
+            raise InvalidTwoFactorAuth("2FactorAuth code is invalid.")
 
     def handle_401():
-        raise IncorrectLoginError(resp["data"]["error"]["message"])
+        if "requiresTwoFactorAuth" in resp["data"]["error"]["message"]\
+            or "Requires Two-Factor Authentication" in resp["data"]["error"]["message"]:
+            raise RequiresTwoFactorAuthError("Account is 2FactorAuth protected.")
+        elif "Invalid Username or Password" in resp["data"]["error"]["message"]:
+            raise IncorrectLoginError(resp["data"]["error"]["message"])
 
     def handle_404():
         msg = ""
@@ -37,7 +44,7 @@ def handle_404():
 
     if resp["status"] in switch: switch[resp["status"]]()
     if resp["status"] != 200: raise GeneralError("Unhandled error occured: "+str(resp["data"]))
-    if "requiresTwoFactorAuth" in resp["data"]: raise TwoFactorAuthNotSupportedError("2FA is not supported yet.")
+    if "requiresTwoFactorAuth" in resp["data"]: raise RequiresTwoFactorAuthError("Account is 2FactorAuth protected.")
 
 class ACall:
     def __init__(self, loop=asyncio.get_event_loop(), verify=True):
@@ -62,9 +69,9 @@ async def closeSession(self):
         await self.session.close()
         self.session = None
 
-    async def call(self, path, method="GET", headers={}, params={}, json={}, no_auth=False):
+    async def call(self, path, method="GET", headers={}, params={}, json={}, no_auth=False, verify=True):
         if no_auth:
-            return await self._call(path, method, headers, params, json)
+            return await self._call(path, method, headers, params, json, verify)
 
         if self.apiKey == None:
             async with self.session.get("https://api.vrchat.cloud/api/1/config", verify_ssl=self.verify) as resp:
@@ -89,19 +96,19 @@ async def call(self, path, method="GET", headers={}, params={}, json={}, no_auth
                 try: json = await resp.json()
                 except: json = None
 
-                resp = {"status": resp.status, "data": json if not json == None else content}
-                raise_for_status(resp)
+                resp = {"status": resp.status, "response": resp, "data": json if not json == None else content}
+                if verify: raise_for_status(resp)
                 return resp
 
             json = await resp.json()
             status = resp.status
 
-        resp = {"status": status, "data": json}
+        resp = {"status": status, "response": resp, "data": json}
 
-        raise_for_status(resp)
+        if verify: raise_for_status(resp)
         return resp
 
-    async def _call(self, path, method="GET", headers={}, params={}, json={}):
+    async def _call(self, path, method="GET", headers={}, params={}, json={}, verify=True):
         h = {
             "user-agent": "",
         }
@@ -132,14 +139,14 @@ async def _call(self, path, method="GET", headers={}, params={}, json={}):
                     try: json = await resp.json()
                     except: json = None
 
-                    return {"status": resp.status, "data": json if not json == None else content}
+                    return {"status": resp.status, "response": resp, "data": json if not json == None else content}
 
                 json = await resp.json()
                 status = resp.status
 
-            resp = {"status": status, "data": json}
+            resp = {"status": status, "response": resp, "data": json}
 
-            raise_for_status(resp)
+            if verify: raise_for_status(resp)
             return resp
 
 class Call:
@@ -157,11 +164,11 @@ def new_session(self):
         self.session = requests.Session()
         self.b64_auth = None
 
-    def call(self, path, method="GET", headers={}, params={}, json={}, no_auth=False):
+    def call(self, path, method="GET", headers={}, params={}, json={}, no_auth=False, verify=True):
         headers["user-agent"] = ""
 
         if no_auth:
-            return self._call(path, method, headers, params, json)
+            return self._call(path, method, headers, params, json, verify)
 
         if self.b64_auth == None:
             raise NotAuthenticated("Tried to do authenticated request without setting b64 auth (Call.set_auth(b64_auth))!")
@@ -189,17 +196,17 @@ def call(self, path, method="GET", headers={}, params={}, json={}, no_auth=False
             try: json = resp.json()
             except: json = None
 
-            resp = {"status": resp.status_code, "data": json if not json == None else resp.content}
+            resp = {"status": resp.status_code, "response": resp, "data": json if not json == None else resp.content}
 
-            raise_for_status(resp)
+            if verify: raise_for_status(resp)
             return resp
 
-        resp = {"status": resp.status_code, "data": resp.json()}
+        resp = {"status": resp.status_code, "response": resp, "data": resp.json()}
 
-        raise_for_status(resp)
+        if verify: raise_for_status(resp)
         return resp
 
-    def _call(self, path, method="GET", headers={}, params={}, json={}):
+    def _call(self, path, method="GET", headers={}, params={}, json={}, verify=True):
         if self.apiKey == None:
             resp = requests.get("https://api.vrchat.cloud/api/1/config", headers=headers, verify=self.verify)
             assert resp.status_code == 200
@@ -222,12 +229,12 @@ def _call(self, path, method="GET", headers={}, params={}, json={}):
             try: json = resp.json()
             except: json = None
 
-            resp = {"status": resp.status_code, "data": json if not json == None else resp.content}
+            resp = {"status": resp.status_code, "response": resp, "data": json if not json == None else resp.content}
 
-            raise_for_status(resp)
+            if verify: raise_for_status(resp)
             return resp
 
-        resp = {"status": resp.status_code, "data": resp.json()}
+        resp = {"status": resp.status_code, "response": resp, "data": resp.json()}
 
-        raise_for_status(resp)
+        if verify: raise_for_status(resp)
         return resp