epicgames-freegames-node: Error: Too many login attempts. (Captcha issues during login)

Since yesterday there seems to be a problem with the login process. For the first time in a few weeks I received a request to solve a captcha. Today I tried again with the newest image version of the container: I solved three of these captchas in a row, after which the logs show the following error:

Error: Too many login attempts. This probably because something is wrong with the captcha process.
        at Login.login (/usr/app/src/login.ts:100:13)
        at Login.login (/usr/app/src/login.ts:136:22)
        at processTicksAndRejections (internal/process/task_queues.js:97:5)

Full logs from start of the container:

Incoming env vars:
RUN_ON_STARTUP: 
CRON_SCHEDULE: 
RUN_ONCE: 
Getting settings from JSON: /usr/app/config/config.json
Setting config variables
Run on startup: true
Run once: false
> epicgames-freegames-node@3.0.0 start /usr/app
> node dist/src/index.js
[2021-03-28 14:31:28.601 +0200] INFO  (47 on 69db50974012): Checking free games for my@mail.tld 
[2021-03-28 14:31:34.891 +0200] INFO  (47 on 69db50974012): Action requested. Waiting for Captcha to be solved
    user: "my@mail.tld"
    id: "2ee8bd7e-f623-426f-b4cd-0b7e5391fe2f"
[2021-03-28 14:31:54.164 +0200] INFO  (47 on 69db50974012): Action requested. Waiting for Captcha to be solved
    user: "my@mail.tld"
    id: "c56d40ed-fdfa-46fc-babf-27d5ed36eeb1"
[2021-03-28 14:32:09.230 +0200] INFO  (47 on 69db50974012): Action requested. Waiting for Captcha to be solved
    user: "my@mail.tld"
    id: "8d3df284-a158-4ad1-94a4-9617c6eab675"
[2021-03-28 14:32:23.572 +0200] ERROR (47 on 69db50974012): Too many login attempts. This probably because something is wrong with the captcha process.
    Error: Too many login attempts. This probably because something is wrong with the captcha process.
        at Login.login (/usr/app/src/login.ts:100:13)
        at Login.login (/usr/app/src/login.ts:136:22)
        at processTicksAndRejections (internal/process/task_queues.js:97:5)

My configuration

{
    "accounts": [
        {
            "email": "my@mail.tld",
            "password": "mypwd",
            "totp": "mytotp"
        }
    ],
    "onlyWeekly": true,
    "runOnStartup": true,
    "intervalTime": 60,
    "cronSchedule": "0 12 * * *",
    "runOnce": false,
    "logLevel": "info",
    "baseUrl": "http://myurl:3000",
    "email": {
        somemailconfig
    }
}

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 5
Comments: 90 (21 by maintainers)

Commits related to this issue

Generate a second fingerprint/xal for login init data. Likely fix for #97. — committed to claabs/epicgames-freegames-node by claabs 3 years ago

Most upvoted comments

I also have the same problem…

Does everybody have this problem or only a few?

simphide on May 4, 2021

I just pushed a few new potential fixes, and maybe 0284e2f fixed it? I had one successful login that had to actually solve the captcha. It’s tough to test thoroughly due to my home IP’s high trust with hCaptcha (due to solving hundreds of captchas…)

My suspicion is that it has to do with the hcaptcha.com/checkcaptcha/ call, since when a captcha isn’t served, that call isn’t made, and the login succeeds. However, I’ve pretty much mocked that request in its entirety.

Out of ideas for now, so just hoping this is the actual fix.

So now I’m getting capatchas to actually solve on the latest conteainer (instead of just clicking the link and it auto-solving w/ just a black screen) – i now need to select the images for the capatcha, but still ending up with the same errors after doing that.

CorneliousJD on Apr 5, 2021

I think I found why the cookie import wasn’t working. It essentially came down to what site path the cookie export was coming from.

I just added a cookie whitelist to the import and updated the docs. My testing seems to have refreshed the login twice over the last 16 hours. I’m unsure if it will last longer than 30 days, though.

If anyone wants to test it, make sure to pull the latest image, and follow the new cookie import instructions.

If this works out, I’ll probably redesign the project in v4 to completely avoid login, because trying to patch and proxy all of Epic and hCaptcha’s calls has just proven to be too much.

claabs on May 29, 2021

Hey @lorosario,

The process worked on my end (and is still working), so I’d be curious to see what the difference is, or if the problem has returned.

Can you double check if the URL was correctly changes per the (1) bubble

Then insert the cookie in the cookie file, restart the container and check for the following log line during the startup process [2021-06-04 22:08:02.772 +1000] INFO (25 on Epicgames): Converting ./config/email@address.com-cookies.json cookie format

The change to the domain/URL was what tripped me up the first time, so I thought I’d just check 😃

Ahh, I had the email@address.com-cookies.json in the wrong folder. It is working now.

Thank you

lorosario on Jun 6, 2021

I did a lot of digging and experimenting over the weekend. Mostly, I was looking for a good way to remotely solve a captcha. Browserless is a really cool project that lets you remotely debug Puppeteer browsers. I was able to have a bot login, and have myself solve a captcha from a remote link. However browserless is huge, and running a second container (without full ARM support) might be a little overkill.

I’m considering working on a Puppeteer package inspired by parts of browserless that gives you a live view and control of an automated session. It could be very useful, apply to more than just this project, and I don’t really see a way Epic could patch it.

Essentially, the bot would try to login and redeem a game just using cookies, but if it fails, it would fall back to Puppeteer and ask you to take control when it needs human assistance.

claabs on Jun 1, 2021

Your changes may have broken something. I updated yesterday and now I’m being spammed with captcha emails, getting a new one every time I complete one.

Ryonez on Apr 2, 2021

@SoraKasvgano Not a wise idea to share your TOTP token, since now anyone can generate your 2fa tokens. I’d delete & setup your Epic 2fa again if I were you

thanks for advice …I had changed some keyword s in it before

SoraKasvgano on Sep 18, 2021

Awesome, glad to hear it - in the meantime I’ll continue to use the new cookie method until it asks for captchas and then replace the cookie again.

I had missed a few games during the time this was down where I forgot to manually check, whoops haha.

CorneliousJD on Jun 1, 2021