eufy-security-client: [Bug]: Unable to login

Client version

2.2.2

Node version

v16.18.0

Operating System type

Docker

Operating system version

Raspberry OS

Describe the bug

It seems the login isn’t working anymore. When using https://mysecurity.eufylife.com/apieu/v2/passport/login I do see a proper response with a data field. When logging into the eufy app with the configured user, everything works OK in the app, just not this client apparently? The app does not appear to have any changed login endpoints, although I did spot new paths: passport/update_agreement_records, passport/query_agreement_msg and passport/query_agreement_records. I am getting this stack trace and then that’s it:

2022-11-09 17:32:34.406  DEBUG [EufySecurity._initializeInternals] No stored data from last exit found 
2022-11-09 17:32:34.413  DEBUG [EufySecurity._initializeInternals] Handling of driver update 
{
  currentVersion: 2.22,
  previousVersion: 0
}
2022-11-09 17:32:34.992  DEBUG [undefined.constructor] Loaded API_BASE: https://security-app-eu.eufylife.com 
2022-11-09 17:32:34.999  DEBUG [EufySecurity._initializeInternals] Load previous login_hash: <redacted> 
2022-11-09 17:32:35.003  DEBUG [EufySecurity._initializeInternals] Generated new openudid: 962f147b4eb1406d 
2022-11-09 17:32:35.005  DEBUG [EufySecurity._initializeInternals] Generated new serial_number: 634a5dba74dd 
2022-11-09 17:32:35.080  DEBUG [src/lib/server.ts:489  EufySecurityServer.start] Starting server on host 0.0.0.0, port 3000 
2022-11-09 17:32:35.087  INFO  [src/lib/server.ts:495  EufySecurityServer.start] Eufy Security server listening on host 0.0.0.0, port 3000 
2022-11-09 17:32:35.091  DEBUG [HTTPApi.login] Login and get an access token 
{
  token: null,
  tokenExpiration: null
}
2022-11-09 17:32:35.098  DEBUG [HTTPApi.request] Request: 
{
  method: 'post',
  endpoint: 'v2/passport/login_sec',
  token: null,
  data: {
    ab: '<redacted>',
    client_secret_info: {
      public_key: '04bc749631da017d514f498652a849a7df4f7ade1731282479ba92b5d0856c6861c1e95c29df98eeef8a593e298edc0686e52747d948d31b29d5bae0a49719f391'
    },
    enc: 0,
    email: '<redacted>',
    password: '[***]',
    time_zone: 0,
    transaction: '1668015155096'
  }
}
2022-11-09 17:32:35.195  DEBUG [HTTPApi.request] Response: 
{
  response: {
    code: 0,
    msg: 'Succeed.'
  }
}
2022-11-09 17:32:35.204  ERROR [HTTPApi.login] Generic Error: 
 TypeError  Cannot read properties of undefined (reading 'user_id')
error stack:
• api.ts:289 login
    node_modules/eufy-security-client/src/http/api.ts:289:66

• task_queues:96 processTicksAndRejections
    node:internal/process/task_queues:96:5

• eufysecurity.ts:662 connect
    node_modules/eufy-security-client/src/eufysecurity.ts:662:9

• server.ts:496 start
    src/lib/server.ts:496:9

• server.ts:66 <anonymous>
    src/bin/server.ts:66:9

Same issue as: https://github.com/bropat/eufy-security-ws/issues/146

To reproduce

Start the client.

Screenshots & Logfiles

No response

Additional context

No response

About this issue

Original URL
State: closed
Created 2 years ago
Reactions: 2
Comments: 48 (33 by maintainers)

Commits related to this issue

Update config.json Fixes https://github.com/bropat/eufy-security-client/issues/242 — committed to Alacard/eufy_security_addon by Alacard 2 years ago

Most upvoted comments

i am working on this

fuatakgun on Nov 10, 2022

In the next version, if you do not set the parameter trustedDeviceName, a random model of an existing Android phone will simply be set and kept at the first login. This way, not so many people should use “eufyclient” (default value). If someone subsequently sets the above-mentioned parameter anyway, then this will of course take precedence.

Attention: If someone uses the 2FA and changes this parameter after a successful authentication, they will be asked to check again (new trust).

bropat on Nov 12, 2022

The main and only concern here is that eufy started to intervene with this client. This measure is easily circumvented, but what’s next? How long until the next countermeasure, and most importantly, when will one be of a kind we cannot circumvent?

I know what I’d do… sell all of my eufy products and get cameras with proper API’s!

Palmke on Nov 10, 2022

That’s because I’ve been tinkering all evening trying to figure this sh*t out xD

Palmke on Nov 9, 2022

Well no actually. I apparently tested locally with a different config.json. I found extra_hosts exists for Docker Compose so I tried that with the default config settings I used all the time. It failed.

I then changed the trustedDeviceName field to something other than the default, with default hosts and now I get a captcha request in Docker with the default eufy-security-ws image (1.0.2).

This is short term good news, long term bad news… It likely means that they’re now actively countering this client. 😦

Omitting data from the initial login response in specific scenarios is a deliberate action!

Palmke on Nov 9, 2022

Thanks for all the clues… I have been using the bropat/eufy-security-ws for quite a while and it’s awesome. I wanted share what I had to do to fix the issue in case it helps someone else.

First, I don’t use docker. I start the service as follows from a systctl script using ts-node: e.g. ts-node /opt/eufy-security-ws/src/bin/server.ts --config config.json

Based on what I read above, I changed “trustedDeviceName?”: “eufyclient”, to “trustedDeviceName?”: “somerandomothername”, in the config.json file. This didn’t help… continued to get the user_id error.

To fix the issue,I had to edit line 65 in /opt/eufy-security-ws/node_modules/eufy-security-client/build/eufysecurity.js and recompile.

                        if (this.config.trustedDeviceName === undefined) {
                        this.config.trustedDeviceName = "somerandomothername";  //edited line

This seems to indicate that changing the variable trustedDeviceName in config.json doesn’t work for some reason.

Thanks again.

TaZZaT on Nov 10, 2022

Brilliant, for others in the same situation, I just added an environment var in my docker-compose file

This isn’t possible with HASS addon is it?

Morphy99 on Nov 9, 2022

Okay… something changed… I added the IP to the hosts file, ran it locally and it works!

EDIT: The above statement is incorrect. See below.

Palmke on Nov 9, 2022

OK I found it, but it doesn’t contain a cloud token (it’s ""). It does contain a login hash.

Palmke on Nov 9, 2022

@bropat yes. The webportal is working just fine. I have tried a custom Docker image calling this endpoint in the login function, but that also resulted in an absent data object.

EDIT: regarding user_id, the response above it does not contain the data object (see also the log above): https://github.com/bropat/eufy-security-client/blob/master/src/http/api.ts#L289

  response: {
    code: 0,
    msg: 'Succeed.'
  }

The response is marked as OK, but data is missing which is used on L289 in api.ts.

Palmke on Nov 9, 2022

@Palmke

I have just carried out a test and it works perfectly. I think Eufy may have bungled some servers again.

{
   "code":0,
   "msg":"Succeed.",
   "data":{
      "user_id":"redacted",
      "email":"redacted",
      "nick_name":"pat***",
      "auth_token":"redacted",
      "token_expires_at":1670615045,
      "avatar":"",
      "invitation_code":"redacted",
      "inviter_code":"",
      "verify_code_url":"",
      "mac_addr":"",
      "domain":"security-app-eu.eufylife.com",
      "ab_code":"IT",
      "geo_key":"redacted",
      "privilege":0,
      "phone":"",
      "phone_code":"",
      "server_secret_info":{
         "public_key":"0470ca96234263082120ab0646918187a9df3f0b70f1429e349b5d8a7bcde7cc4f5dd00fadbe1fd225ed0576fce145c785c8ed6b667485619bbcf57b2e5faa8405"
      },
      "params":[
         {
            "param_type":10002,
            "param_value":"off"
         }
      ],
      "trust_list":[
         
      ]
   }
}

bropat on Nov 9, 2022