From f2a84951023340086af40a77f2e52846446384a5 Mon Sep 17 00:00:00 2001
From: mrlt8 <67088095+mrlt8@users.noreply.github.com>
Date: Tue, 2 Jul 2024 23:59:26 -0700
Subject: [PATCH] clear local WB auth data with FRESH_DATA

---
 app/wyze_bridge.py     |  2 +-
 app/wyzebridge/auth.py | 25 ++++++++++++++++++-------
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/app/wyze_bridge.py b/app/wyze_bridge.py
index c93723cf..8b7008d4 100644
--- a/app/wyze_bridge.py
+++ b/app/wyze_bridge.py
@@ -33,7 +33,7 @@ def run(self, fresh_data: bool = False) -> None:
 
     def _initialize(self, fresh_data: bool = False) -> None:
         self.api.login(fresh_data=fresh_data)
-        WbAuth.set_email(email=self.api.creds.email)
+        WbAuth.set_email(email=self.api.creds.email, force=fresh_data)
         self.mtx.setup_auth(WbAuth.api, STREAM_AUTH)
         self.setup_streams()
         if self.streams.total < 1:
diff --git a/app/wyzebridge/auth.py b/app/wyzebridge/auth.py
index 16306ef1..63748309 100644
--- a/app/wyzebridge/auth.py
+++ b/app/wyzebridge/auth.py
@@ -31,6 +31,14 @@ def get_password(file_name: str, alt: str = "") -> str:
     return ""
 
 
+def clear_local_auth():
+    for file in ["wb_password", "wb_api"]:
+        file_path = f"{TOKEN_PATH}{file}"
+        if os.path.exists(file_path):
+            logger.info(f"[AUTH] Clearing local auth data [{file_path=}]")
+            os.remove(file_path)
+
+
 def gen_api_key(email):
     hash_bytes = sha256(email.encode()).digest()
     return urlsafe_b64encode(hash_bytes).decode()[:40]
@@ -50,26 +58,29 @@ def hashed_password(cls) -> str:
         return generate_password_hash(cls.password)
 
     @classmethod
-    def set_email(cls, email: str):
+    def set_email(cls, email: str, force: bool = False):
         logger.info(f"[AUTH] WB_AUTH={cls.enabled}")
         if not cls.enabled:
             return
 
-        cls._set_password(email)
-        cls._set_api(email)
+        if forced := (force or env_bool("FRESH_DATA")):
+            clear_local_auth()
+
+        cls._set_password(email, forced)
+        cls._set_api(email, forced)
 
         logger.info(f"[AUTH] WB_USERNAME={cls.username}")
         logger.info(f"[AUTH] WB_PASSWORD={cls.password[0]}{'*'*(len(cls.password)-1)}")
         logger.info(f"[AUTH] WB_API={cls.api}")
 
     @classmethod
-    def _set_password(cls, email: str) -> None:
-        if not cls.password:
+    def _set_password(cls, email: str, forced: bool = False) -> None:
+        if forced or not cls.password:
             cls.password = email.partition("@")[0]
 
     @classmethod
-    def _set_api(cls, email: str) -> None:
-        if not cls.api:
+    def _set_api(cls, email: str, forced: bool = False) -> None:
+        if forced or not cls.api:
             cls.api = gen_api_key(email)