audioscrobbler won't login/submit problems
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Exaile |
Invalid
|
Undecided
|
Mathias Brodala |
Bug Description
Audioscroblet plugin doesn't login properly, here's the output.
INFO : AS: attempting to connect to audioscrobbler
INFO : Loading collection...
INFO : AS: Connected to audioscrobbler
INFO : Loading devices...
WARNING : Failed to connect to HAL, autodetection of devices will be disabled.
INFO : Loading interface...
INFO : Playing file://
INFO : Attempting to submit now playing information...
Exception in thread Thread-8:
Traceback (most recent call last):
File "/opt/local/
self.run()
File "/opt/local/
self.
File "/Users/
track.
File "/Users/
raise AuthError("Please 'login()' first. (No session available)")
AuthError: Please 'login()' first. (No session available)
Problem is: if non-md5 password is used in login() with hashpw=False, first call in initialize() routine for some reason doesn't raise the exceptions and the next call (wh haspw=True) isn't triggered.
When setting both calls of login to use hashpw=True, the iniitial login succeeds and proper cookie value is obtained,
Reworked initialize():
def initialize(self, username, password, server):
try:
except:
try:
except:
@common.
Anyway, reviewing the _scrobbler.py and __init.py login procedures raised some questions:
1. Lastfm expects md5-hashed passwords.
2. settings.ini should always have md5-hashed pw stored, or and indication if the password is md5 or no.
Actually, during my investigation, if my memory doesn't betray me, at some point it did store md5 password iside the ini file.
I think the ideal behaviour should be one of these:
1. store md5 digest of pw in the file and use login(hashpw=False)
2. store plain text pw and use login(hashpw=True)
3. store either pw with propper marker of it md5-ness and use login(hashpw=(not md5-ness of the pw))
Off course security-wise non-md5 pw in setting.ini file isn't good.
System used: OSX10.4.11
python 2.5.4
The idea here was to first try to login via an unhashed password (suggesting that it already is hashed) and if that fails again with a hashed password. This is meant to allow older versions of Exaile 0.3.x to be able to login, even if the password has not been hashed.
By default the password is always hashed in the preference and saved as such. If we now force the first call to login to hash the password, login with an already hashed password is likely to fail the same way it is currently for unhashed passwords.
There is no way that we can save an indication if the password has already been hashed or not, we cannot know about that.
Anyways, I could not reproduce the issue if I restore my plain text password and the password is hashed as soon as you re-enter the password in the preferences dialog.