Auth token expiring?

chakie · March 31, 2022, 8:43am

I’m having a small issue with accessing a Nakama server. We save logs in the storage module for each started match and later download these logs using a normal API call. The idea is to analyze the logs offline to get game balancing stats. I have a small Python script that does the downloading and it works mostly fine. The script downloads the logs one by one by requesting specific log files. As the local processing takes a few seconds a query is made maybe once every five seconds. So far so good.

After a short while I however get a 401 error from the server:

{"error":"Auth token invalid","message":"Auth token invalid","code":16}

The time until I get the error is perhaps a minute after my Python script authenticated ok. During this time I’ve downloaded a list of log file ids and then fetched some of the logs. It almost seems as if the authentication token expires, but that shouldn’t happen until after one hour according to the settings for the server.

def get_match_log(server: Server, match_log_id: str) -> Optional[typing.Dict]:
    url = f"{server.url()}/v2/rpc/get_match_log?unwrap"

    headers = CaseInsensitiveDict()
    headers["Accept"] = "application/json"
    headers["Authorization"] = f"Bearer {server.session_token}"

    data = {
        "match_id": match_log_id,
    }

    response = requests.post(url, json=data, headers=headers)

    if response.status_code == 200:
        return response.json()

    print(response)
    print(response.text)

    return None

Our actual Unity game uses the same token for way longer without any issues. Is there some time limit that I’m not aware of here?

chakie · March 31, 2022, 8:54am

If I authenticate again before each call to get a log then it’s fine. So there seems to be some expiration that I’m not aware of. It’s no big deal to re-authenticate before every call, but it seems a bit wasteful.

mofirouz · March 31, 2022, 9:42am

It almost seems as if the authentication token expires, but that shouldn’t happen until after one hour according to the settings for the server.

Can you confirm with me what server settings you are looking at?

Our actual Unity game uses the same token for way longer without any issues.

The Unity SDK has built-in support for refreshing the token using the RefreshToken API call. This maybe the difference between what you are noticing in the Unity client vs making rest calls.

Also can you confirm if the Python code is being executed against a Heroic Cloud instance or a local instance?

chakie · March 31, 2022, 9:59am

The token does expire, but it’s working as it should. I was looking at the wrong setting on Heroic Cloud, namely session.refresh_token_expiry_sec instead of the correct session.token_expiry_sec. The latter is set to 60 which is basically what I see. The former is 3600. So nothing to see here, user error!

Yes, I am running against a HC instance. Likely the automatic token refreshing in the Unity client works so well that I’ve never seen any issues there.

Topic		Replies	Views
Auth token invalid unity Local Setup getting-started , authentication	5	1747	October 25, 2020
Auth token invalid even if it is valid Client Libraries authentication , sdk-unity	2	291	October 18, 2023
How can I check if the auth refresh token has expired when the server restarts? Game Design authentication	4	1243	February 12, 2024
Question on refreshing auth tokens Game Design server-framework	7	1148	May 18, 2020
Best practices when it comes to expired sessions Local Setup sdk-unity	4	1887	March 21, 2021

Auth token expiring?

Related topics