Python REST API no secret key returned in response
Why is the secret key returned as an empty string in the dictionary response sent by appwrite, but available through the cookie (see screenshot) in the request.Session() object when creating an email password session:
The dictionary response (empty secret key, used for setting session): {'$id': 'id', '$createdAt': '2024-09-12T10:15:06.843+00:00', '$updatedAt': '2024-09-12T10:15:06.996+00:00', 'userId': 'userid', 'expire': '2024-10-12T10:15:06.992+00:00', 'provider': 'email', 'providerUid': 'test@gmail.com', 'providerAccessToken': '', 'providerAccessTokenExpiry': '', 'providerRefreshToken': '', 'ip': '192.168.64.8', 'osCode': '', 'osName': '', 'osVersion': '', 'clientType': 'library', 'clientCode': '', 'clientName': 'Python Requests', 'clientVersion': '2.32', 'clientEngine': '', 'clientEngineVersion': '', 'deviceName': '', 'deviceBrand': '', 'deviceModel': '', 'countryCode': '--', 'countryName': 'Unknown', 'current': True, 'factors': ['password'], 'secret': '', 'mfaUpdatedAt': ''}
also when I use the update session a secret key is being returned in the response dictionary
My guess is this is a bug? That the secret key is being returned as an empty string on the create with email and password session, while being sent back and accessible in the cookie itself
It only resturns a secret when an api key is attached
but I get a secret key returned with the cookie and I dont use any API's as I have built a client auth for python with the REST API
and as I mentioned you also get the secret key back on the update session method
hmm why do I get the secret key sent back by appwrite in the cookie then? see my screenshot above. Also if I'm not supposed to use the secret key to set the session, as I am working with client side here and therefore shouldn't use API keys. How do I implement an auto login process, where the email session gets stored locally and the on restart of the application used to authenticate the user again so they don't have to login again?
