Getting logged out of API
Hi there
I'm using a script to pull my energy usage from my Glowmarkt and graph it for me. Since I don't like storing my credentials unencrypted, I generate an initial token interactively with
https://api.glowmarkt.com/api/v0-1/auth
and then have my script generate a new token from the old every hour with
https://api.glowmarkt.com/api/v0-1/auth/newToken
That works fine mostly, but quite regularly I get the response:
{"valid":false,"error":"User is not logged in"}
and I have to interactively log in again. This always corresponds with getting logged out of the app on my iPhone as well, most recently at 9:15am today. Is this when the servers get rebooted or similar? Is there any way tokens could be preserved across this event? It means I end up with gaps in my data which have to be manually repopulated
Comments
You can obtain a new token programmatically with:
#!/bin/bash curl -X POST -H "Content-Type: application/json" -H "applicationId: b0f1b774-a586-4f72-9edd-27ead8aa7a8d" \ -d '{ "username": "notme@example.com", "password":"SomethingSecretHere" }' \ "https://api.glowmarkt.com/api/v0-1/auth" | jq '.token' > tokenI'm using `jq` as an easy way to parse the JSON that's returned.
https://stedolan.github.io/jq/
Thanks - that's basically what I'm doing to get my first token. To use that every time would require me to store my email and password in the script, unencrypted, which is a big security no-no though.
It's much better practice to use refresh tokens, but that relies on the server not periodically forgetting them, which is what's happening here
please raise a ticket for this at support@glowmarkt.com
Thanks
Done, thanks
Chris
For anyone who also had this issue, an update to the API was issued on 1st July which seems to have fixed it!
Chris, can you provide more detail on how you get this to work? I would also like to renew the token before it expires, rather than generate a new one after the old one expires. I can find hints to this and requests for it, but no documentation. I've tried using cURL to test the URL you have to .../newToken by substituting the -d'{userid and password}' with -d "token: myverylongstringofatoken" with and without curly braces to no avail. I also tried substituting the -d with -H to put the token in the header but that also produced an error. The best I got was "error":"User is not logged in".
It really would be useful for automation if the token was either permanent, or if the renew just continued if it was used regularly (like an IP address is renewed behind the scenes by DHCP).
You have to send the existing token as a header, same as most other API calls, so it's
curl https://api.glowmarkt.com/api/v0-1/auth/newToken -H "Content-Type: application/json" -H "applicationId: b0f1b774-a586-4f72-9edd-27ead8aa7a8d" -H "token:OLDVERYLONGTOKEN"
That certainly works for me. If you're getting "User is not logged in", it probably means a problem with the existing token. Either it's not valid, or there's a formatting error
Chris, thanks for the response and the tip. I'm using node-Red rather than cURL but if it works with cURL, then I'm happy to spend time working out how to translate cURL into message parts for a function node in node-Red, which I've now done. I had to add a GET to the statement above to get it to work but it's looking good now.
I'll carry on with the flow in node-Red and post a link to it when I'm finished. One thing I will also do is to put in some error checking to confirm that the token is working and then generate a new one before the current one expires, since the expiry date and time is delivered with the token itself. Thanks again for your help.
No problem. CURL usually defaults to GET if you don’t include a -d but I’m glad you got it working