export json: seems to be correct

export csv:
labels column shows "" if labels is null or should contact one value
labels column shows "," if labels should contain two values
labels column shows ",," if labels should contain three values
and so on.

Do you have any plans for archived / completed tasks top be exported?

I'm looking for a way to generate weekly reports. Wanted to see what was out there first.

I've been using todoist-export for months. Two weeks back, everything worked fine. Yesterday and today, export is broken. After I click Authorize & Backup, I get this in Firefox:

Secure Connection Failed

The connection to localhost:3000 was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Learn more…

I don't know if this is due to a change in Firefox, or in Todoist. But when I try Chromium, it has the same problem.

I suspect this has some connection to SSL. The "connection failed" URL is https://localhost:3000/todoist-export/?state=json&code=XXX . When I change https to http and keep the rest of the URL, I can actually retrieve the exported file!

When I look into network console, it seems that Todoist is now redirecting always to https, even though the Todoist App I configured should redirect to http. Maybe it's related to the fact that Todoist sets Strict-Transport-Security HTTP header. Maybe they started using HSTS lately? I'm not sure if it can be related.

Any idea how to make it work by default?

Looks like a lot of people are moving from Todoist to AmbleNote.

I wrote a simple php script to convert the JSON into a set of markdown files which can be imported into AmbleNote
https://gist.github.com/mberneis/92a3125949e5e98c992c9f759eb1b062

This creates a Note file per todoist project with all the tasks included.

Thanks for fixing #17

But it still doesn't seem to work, or there's something else going in:

git clone https://github.com/darekkay/todoist-export.git
cd todoist-export/
cp src/config.js.example src/config.js
vim src/config.js  # created new application, added the client ID and client secret
npm install
npm start

$ npm start

> [email protected] start
> node src/index.js

Server running at http://localhost:3000
GET / 302
GET /todoist-export -
GET /todoist-export/ 200
POST /todoist-export/auth 302
GET /todoist-export/?code=xxx&state=json_all 200
GET /todoist-export/export?code=xxx&format=json_all 302
GET /todoist-export/?token=xxx&format=json_all 304
✖ Request failed with status code 404
GET /todoist-export/download?token=xxx&format=json_all 500

And in the browser I get:

Request failed with status code 404

Error: Request failed with status code 404
    at createError (/home/tim/bin/todoist-export/node_modules/axios/lib/core/createError.js:16:15)
    at settle (/home/tim/bin/todoist-export/node_modules/axios/lib/core/settle.js:17:12)
    at IncomingMessage.handleStreamEnd (/home/tim/bin/todoist-export/node_modules/axios/lib/adapters/http.js:236:11)
    at IncomingMessage.emit (events.js:326:22)
    at endReadableNT (_stream_readable.js:1241:12)
    at processTicksAndRejections (internal/process/task_queues.js:84:21)

[Please try again](http://localhost:3000/todoist-export/)

The tool isn't working anymore right? The v5.3 api is discontinued and only the v7 is working.

Thank you for making a useful tool that works very well, and for making its source code available too!

Sorry to open an issue for this, but just wanted to show my appreciation for your work.

Cheers!

Idea from a Reddit post.

Currently, the backup includes only the JSON data that Todoist provides in their API. It would be great to have a way to export all file attachments as well (e.g. images).

I am not sure if this is feasible as part of this project in terms of performance, assuming a single Todoist account may contain hundreds or thousands of assets (see a similar discussion). Also, we need to make sure that Todoist actually allows mass-downloading of user assets in their terms of service.

Seems like API changed see https://developer.todoist.com/sync/v9/
All Sync API requests share the same endpoint URL: https://api.todoist.com/sync/v9/sync

Additionally OAuth not working for me.
Workaround is to create a token on the Settings page and to use it in the callApi method as a header.

Error I get if trying to use OAuth on sync method:

data: {
      error: 'Invalid CSRF token',
      error_code: 410,
      error_extra: [Object],
      error_tag: 'AUTH_INVALID_CSRF_TOKEN',
      http_code: 403
    }

Form options (CSV/JSON) are currently passed through the OAuth state string parameter. This complicates passing state and is nonstandard. Instead, we should be storing this state locally with the state token as a key (and ideally validating the request):

If state is used for carrying application state, and integrity of its contents is a concern, clients MUST protect state against tampering and swapping. This can be achieved by binding the contents of state to the browser session and/or signed/encrypted state values

See:

• https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state-09
• http://www.thread-safe.com/2014/05/the-correct-use-of-state-parameter-in.html
• https://stackoverflow.com/questions/52459476/does-oauth-state-mitigate-any-genuinely-dangerous-attacks
• https://pipedrive.readme.io/docs/marketplace-oauth-authorization-state-parameter

When pressing "authorize & backup", this tool starts fetching all tasks and downloads them when finished. However, users don't know that this operation is in progress because there is no loading indicator. When clicking the direct link, it does work though (default browser loading icon).

Solution: Add either the default browser loading indicator or an on-page loading widget. This is especially important for #9

From an email request:

What is the best way to sort the tasks to have them show up in the same order as they do in todoist so I can compare it to my todoist and see what is missing?

Currently, we transform the JSON that Todoist provides to CSV without changing the order. It would be nice to use the JSON information to reorder the entries in the CSV export according to the order in the Todoist app.

Hi,

I usually export my todoist data each week, I last did it on 24 Nov and it worked. I've tried again today and get this error:

Request failed with status code 404

Error: Request failed with status code 404
    at createError (/home/tim/bin/todoist-export/node_modules/axios/lib/core/createError.js:16:15)
    at settle (/home/tim/bin/todoist-export/node_modules/axios/lib/core/settle.js:17:12)
    at IncomingMessage.handleStreamEnd (/home/tim/bin/todoist-export/node_modules/axios/lib/adapters/http.js:236:11)
    at IncomingMessage.emit (events.js:326:22)
    at endReadableNT (_stream_readable.js:1241:12)
    at processTicksAndRejections (internal/process/task_queues.js:84:21)

[Please try again](http://localhost:3000/todoist-export/)

Maybe Todoist changed something in their API?

Just FYI, has depreciation warnings when npm install is run (nodejs v4.2.6) nodejs on Ubuntu 16.04 LTS if installed via apt and default sources:

npm WARN deprecated [email protected]
npm WARN deprecated [email protected]
npm WARN deprecated [email protected]
npm WARN deprecated [email protected]
npm WARN deprecated [email protected]

Probably caused by Ubuntu LTS having an outdated version of node. Seems better if users install node via upstream nodejs, e.g. curl -sL https://deb.nodesource.com/setup_8.x | sudo bash - (via https://nodejs.org/en/download/package-manager/#debian-and-ubuntu-based-linux-distributions) instead of just apt install nodejs from the distro source.

Do you have any guides / docs on how to consume the exported JSON?

Do we use https://github.com/doist/todoist-python or is there another client that can parse this data easily?

After npm install (with nodejs v8 installed from nodesource)

found 32 vulnerabilities (11 low, 17 moderate, 4 high) in 248 scanned packages
  run `npm audit fix` to fix 26 of them.
  2 vulnerabilities require semver-major dependency updates.
  4 vulnerabilities require manual review. See the full report for details.

And, after npm audit fix

+ [email protected]
+ [email protected]
added 42 packages from 35 contributors, removed 16 packages and updated 33 packages in 3.8s
fixed 26 of 32 vulnerabilities in 248 scanned packages
  4 vulnerabilities required manual review and could not be updated
  1 package update for 2 vulns involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

I think this is due to node dependency ecosystem "challenges" where a few packages are have fixes, but are not backwards compatible and require code changes to get onto a patched version.

Thanks for the awesome app. I just wanted to let you know that have forked it on Glitch (really cool platform for anyone to clone, inspect code, and run it without having to set up nodejs locally), and added the ability to show a permanent backup file URL including the user token (useful if you want to automate your backups):
https://todoist-backup.glitch.me/app/

Hi!

This thing is actually brilliant and I really appreciate it. I want completed tasks too tho.

Is it hard or easy to add this? Not sure what the API is like yet. Happy to work on helping you do it if I can.

Thanks tho, this gadget saved my @ss.

hi @darekkay,

thanks for this incredibly useful tool! I configured it a couple of days ago and it was working.

Since yesterday (with no changes to the todoist app or the local config) it suddenly stopped working:

Request failed with status code 403

Error: Request failed with status code 403
    at createError (/Users/myusername/todoist-migration/todoist-export/node_modules/axios/lib/core/createError.js:16:15)
    at settle (/Users/myusername/todoist-migration/todoist-export/node_modules/axios/lib/core/settle.js:17:12)
    at IncomingMessage.handleStreamEnd (/Users/myusername/todoist-migration/todoist-export/node_modules/axios/lib/adapters/http.js:236:11)
    at IncomingMessage.emit (node:events:525:35)
    at endReadableNT (node:internal/streams/readable:1359:12)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

Any idea what might be wrong? Can I somehow provide more diagnostic data?

Kind regards
digitalkram