login fail about robin_stocks HOT 23 CLOSED

I am experiencing a login issue as well however its on the authentification end. I am using version 0.9.8.6. This was working as of 04/26/2019. Here are my error logs.

400 Client Error: Bad Request for url: https://api.robinhood.com/oauth2/token/
File "C:/FILEPATHHOLDER/PROGRAMHOLDER.py", line 4, in
robin_stocks.authentication.login('USERNAMEHOLDER', 'PASSWORDHOLDERHOLDER', expiresIn=86400, scope='internal')
File "C:\Users.....\robin_stocks\authentication.py", line 29, in login
token = 'Bearer {}'.format(data['access_token'])
TypeError: 'NoneType' object is not subscriptable

from robin_stocks.

Ok i pushed a new version on github its working with my two factor authorization. if you download and install github version does it work?

from robin_stocks.

Ok, downloaded and ran, still got : 'NoneType' object is not subscriptable.

I did though get an SMS code after trying to login. So it appears that the SMS response/challenge portion is now failing.
The thread mentioned earlier does discuss the issue. We need to reply with the SMS factor/ code in order to respond to the challenge URL.

from robin_stocks.

I have the same issue as @guywith2names

from robin_stocks.

Any update on this issue as the library as whole is dead until the issue is fixed.

from robin_stocks.

looks like it got solved here. robinhood-unofficial/pyrh#176 still need to work on it though.

from robin_stocks.

Everything worked perfectly up until yesterday and then as of this morning I can no longer login. I downloaded the latest robin_stocks version but still cannot login. Anybody have any suggested solution?

from robin_stocks.

First, you're going to want to log into your RH account in a web browser. View Source on the page, and look for 'clientId' - should be a big hex number separated by dashes. Add that number to your POST requests to /oauth2/token under the field 'device_token'. There's probably another way to retrieve the device token, and I'm not even sure it's unique, but that way should work.

from robin_stocks.

Hi folks, wanted to add some new information. I'm using latest version 0.9.8.7.

In the mobile app, if two factor authentication is OFF: logging in with a robin_stocks client returns "404 error" and an auth code is sent to my phone -- "Your Robinhood code is 315754. This code will expire in 5 minutes."

In the mobile app, if two factor authentication is ON: logging in with robin_stocks client returns "Please Type In The MFA Code: " and Robinhood sends an auth code to my phone -- "Robinhood Code: 303640." (Note the wording is different from the above)
Entering this code logs me in successfully, but for how long? So if I want automate trading over a couple of days, would this work?

from robin_stocks.

thanks for the update @jmfernandes I got mine to work now.

@shubhamgandhi did you figure out how long one longin is good for?

from robin_stocks.

I was able to make this work. Thing is you have to enable 2 FA on robinhood before you even run the script.

1. Login to robinhood web
2. Go to Account --> Settings --> Security.
3. Turn on two-factor authentication

from robin_stocks.

When logged in, is there any variable that I can check for login status?
The reason is I have to turn on 2FA, and input the MFA code every time, if I can check the status of my login, then I don't have to use MFA every time I run the code.

from robin_stocks.

I noticed this issue has yet to be resolved (two factor authentication is just a work around). I think I can help out. I got your code working properly by changing the login method. The text message you get when you try to login (without 2fa) is for validating the device token. All you have to do is respond to the challenge sent in the login response.
Method for the responding to challenge.

def respond_to_challenge(challenge_id, sms_code):
    url = 'https://api.robinhood.com/challenge/{}/respond/'.format(challenge_id)
    payload = {
        'response': sms_code
    }
    res = helper.request_post(url,payload=payload)
    return res

IMPORTANT: Use the same device token for all future login requests. It will save you so much time.
I've added a sample method for validating a new device token (you already have the method for generating one).

def get_new_device_token(username, password):
    device_token = helper.generate_device_token()
    initial_login = login(username, password, device_token)
    challenge_id = initial_login['challenge']['id']
    sms_code = input('Enter sms code:')
    res = respond_to_challenge(challenge_id, sms_code)
    # you can check here that the challenge status is validated or whatever
    # ...
    helper.update_session('X-ROBINHOOD-CHALLENGE-RESPONSE-ID', challenge_id)
    return device_token

Now just update your login method to use a device token like this:

def login(username,password,device_token=DEVICE_TOKEN_GLOBAL_VAR,expiresIn=86400,scope='internal'):
if device_token == None:
    DEVICE_TOKEN_GLOBAL_VAR = get_new_device_token(username, password)
    device_token = DEVICE_TOKEN_GLOBAL_VAR
...

and change the payload like so

payload = {
    'client_id': 'c82SH0WZOsabOXGP2sxqcj34FxkvfnWRZBKlBjFS',
    'expires_in': expiresIn,
    'grant_type': 'password',
    'password': password,
    'scope': scope,
    'username': username,
    'challenge_type': 'sms',
    'device_token': device_token 
}

Use the global variable ONLY IF you don't want to save a device token in a file (which I recommend so you don't have to generate one every session.

This should solve most of the login issues (400 error bad request with no access token).
Let me know if you still have any questions.

from robin_stocks.

Just for reference here is the config.json file I kept my device token in. I would just advise telling people in the docs to store their device token in a similar way and pass it to login.
Config.json

{ 
"auth": { 
      "username": "XXXXXX", 
      "password": "XXXXXX" 
    }, 
"device_token": "114fa713-05c5-0894-577a-f833b073230a" 
}

from robin_stocks.

@Jmarkaba excellent work! Could you do me a favor and do a pull request so I can commit your changes to the repo?

from robin_stocks.

@jmfernandes Will do. Would you prefer that I implement it with DEVICE_TOKEN as a global variable in the authentication.py or write to a config file?

EDIT: I went ahead and implemented with a global variable. The pull request is up.

from robin_stocks.

@Jmarkaba Yes thanks. Global variable is preferred. I added my review comments to your pull request. Great work. Very well written. I also appreciate you updating the documentation strings. I should have time tonight to pull your changes in, do my own tesitng, and update the documentation (on the robin-stocks website).

from robin_stocks.

Glad I could help!

from robin_stocks.

@Jmarkaba hey i pulled your changes and made some fixes because logging in with two-factor wasn't working. Can you check that the code is working for you?

from robin_stocks.

@jmfernandes sorry I've been a little busy this week. I'll double check tonight but if you only made minor changes it should work fine.

from robin_stocks.

@jmfernandes I can confirm that it is working fine for me. Feel free to close this issue if you're satisfied. Also, if you have any other goals/bug fixes you'd like me to help with please let me know.

from robin_stocks.

@Jmarkaba could you take a look at issue #7 ? Any help would be greatly appreciated.

from robin_stocks.

I'll see what I can do.

from robin_stocks.