-
Notifications
You must be signed in to change notification settings - Fork 573
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authentication persistence (bug?) #1005
Comments
This is exactly what |
After mounting both the keyring dir and the cookies to a volume, it seems to work. Without the mounted keyring, it asks for a password. This is my Docker setup now: version: "3.8"
services:
icloudpd-sam:
image: icloudpd/icloudpd:latest
container_name: icloudpd_sam
network_mode: bridge
environment:
- TZ=Europe/Brussels
volumes:
- /volume1/icloudpd/sam:/data
- cookies:/cookies
- keyring:/root/.local/share/python_keyring
command:
- icloudpd
- --cookie-directory
- /cookies
- --directory
- /data
- --username
- REDACTED
- --watch-with-interval
- "600"
- --set-exif-datetime
- --delete-after-download
- --no-progress-bar
- --password-provider
- keyring
- --password-provider
- webui
- --mfa-provider
- webui
ports:
- 38080:8080
restart: on-failure
icloudpd-sam-notifier:
image: icloudpd/icloudpd:latest
container_name: icloudpd_sam_notifier
network_mode: bridge
environment:
- TZ=Europe/Brussels
volumes:
- cookies:/cookies
- keyring:/root/.local/share/python_keyring
command:
- icloudpd
- --cookie-directory
- /cookies
- --username
- REDACTED
- --auth-only
- --smtp-username
- REDACTED
- --smtp-password
- REDACTED
- --smtp-host
- REDACTED
- --notification-email
- REDACTED
- --notification-email-from
- REDACTED
- --no-progress-bar
- --password-provider
- keyring
networks: {}
volumes:
keyring: null
cookies: null The second container shuts down right away but I have a cronjob that does |
It would be very useful if icloudpd could persist authentication tokens and sessions. I would like to be able to restart the process without having to provide password and/or MFA authentication every time.
I am using Docker and I can persist the password by mounting /root/.local/share/python_keyring/keyring_pass.cfg into a volume. For others reading this, it should be noted that this is not more secure than just putting your Apple ID password in plain text in your Docker config as this contains a base64 encoded string with your password.
But then after persisting my password, I still have to enter my MFA code every time, even though the one I entered previously is probably still valid.
Ideally I would like to persist neither of those 2 (persisting the MFA isn't useful anyway since it's only valid for 30 seconds) but instead just persist a token/session somewhere which can be used to communicate to iCloud without asking me for my credentials.
I thought this is what
--cookie-directory
would do, but that doesn't work. My cookies are properly stored in that folder, but icloudpd is still asking me to re-authenticate every time I start up a container with that folder mounted.The text was updated successfully, but these errors were encountered: