Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support new multidevice authentication #63

Merged
merged 3 commits into from
May 8, 2022
Merged

Support new multidevice authentication #63

merged 3 commits into from
May 8, 2022

Conversation

tuhinpal
Copy link
Owner

@tuhinpal tuhinpal commented May 8, 2022

It's changelog time after many months. So, there was no plan to add the MultiDevice Beta feature, but legacy authentication was removed by WhatsApp. Some people told me almost all WhatsApp bots are broken and require a persistence server, but I challenged that.

Technically speaking whatsapp-web.js pulls the whole state from Chrome to remember the device. That's good, but the only limitation is it needs a persistence server. So, I delete large unneeded files, make a zip of it, and encrypt the zip, so the file can be hosted from any website (like https://thetuhin.com/session.secure).

Changelog

  • Supports MultiDevice feature
  • Secure session token
  • Don't require persistence state

What about security?

Well, it is safe, but still, maybe there is some vulnerability of the token encryption (like brute force, social engineering). So I highly recommend you to throw this stuff in a secure place (like https://thetuhin.com/freaking-hard-security/session.secure)

The new process

Well, it is kinda same. Just follow these steps:

  • Run npm run gentoken, it will ask you for a password (SESSION_KEY). With docker docker run -p 8080:8080 -it jeeetpaul/whatsbot-session
  • After authenticated you will see a new file session.secure has been created in the root directory.
  • If you will use a persistence computer, then don't do anything. Just put the SESSION_KEY with the Chosen Password in env. Please don't put SESSION_URL in that case.
  • Otherwise, upload session.secure to any server, like a public Github repo. Then grab the direct link of it. Put then link into SESSION_URL

Thank you 👍

@tuhinpal tuhinpal merged commit d495c2d into main May 8, 2022
@shavindu1234
Copy link

hoda

@tuhinpal tuhinpal deleted the newauthdev branch November 1, 2022 15:35
@badu-ser
Copy link

QR code scan does not return any json

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working enhancement New feature or request
Projects
None yet
3 participants