Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OTP APK and server no more needed, fix steam not opening automatically and disabled auto update for tests #1651

Closed
wants to merge 1 commit into from

Conversation

victormatuk
Copy link

Made some improvements to Steam's functionality:

  • Fixed the issue with Steam not opening automatically.
  • Added a configuration option to save your OTP code directly in the settings, making auto-login easier—no need for extra servers or APKs.
  • Disabled the auto-update feature for more control.

Enjoy the smoother experience! 😊

… otp code in configuration and use it in auto login without all that shit of server and apk, disabled auto update
@nathanctech
Copy link

I think you accidentally committed your actual XIVLauncher folder...there's the exe and all subfolders within it.

@KazWolfe
Copy link
Member

KazWolfe commented Dec 3, 2024

Disabled the auto-update feature for more control.

This cannot be merged in. The auto-update system is a security feature designed to prevent the launcher from sending invalid data to SE servers, e.g. in the event of a game patch.

The warning in the title bar explains this:

Title += " - UNSUPPORTED VERSION - NO UPDATES - COULD DO BAD THINGS";

Added a configuration option to save your OTP code directly in the settings [...]

This has come up before and has been shot down as it defeats the point of OTP. See #437.

The implementation itself is also problematic, since you're effectively forced into passing your OTP secret to the launcher if you have MFA. There needs to be some option to allow the user to continue using non-persisted OTP as well.

Secondarily, your library requires the use of the system clock for calculating OTP. While this is fine(-ish), it does mean that a user with an invalid clock may not be able to log in at all with a cryptic error message (as SE doesn't tell us what of the username/password/OTP is incorrect). This problem admittedly already exists, but is made worse by the fact that there's no sane way to review what code is being sent. Consider using an authoritative time source for calculation, or better managing user messaging around this point.

If this is something you want to add, please consider working on the Authentication API as discussed in #1433.

Fixed the issue with Steam not opening automatically.

Your fix for this seems to be increasing the retry count from 15 to 60. While this can work (I suppose), it might be better to actually look into why retries don't work. There's no real guarantee that 60 retries will be any better if there's a systemic issue that can be raised to the user instead.


And yes, as noted, please don't include binaries and other assets in your PR, these should be ignored properly as they're handled by the build system.

@victormatuk victormatuk closed this by deleting the head repository Dec 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants