root/trading_bot_v3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
trading_bot_v3/SESSION_PERSISTENCE.md
mindesbunister cf58d41444 🔐 Implement robust session persistence to avoid 'are you human' captcha checks 
- Add comprehensive session persistence with cookies, localStorage, and sessionStorage
- Implement stealth browser features to reduce bot detection
- Add smartLogin() method that prioritizes saved sessions over fresh logins
- Create session management utilities (refresh, clear, test validity)
- Update enhanced screenshot service to use session persistence
- Add comprehensive documentation and test script
- Support manual login fallback when captcha is encountered
- Sessions stored in .tradingview-session/ directory for Docker compatibility

This solves the captcha problem by avoiding repeated logins through persistent sessions.
2025-07-12 21:39:53 +02:00

218 lines
5.2 KiB
Markdown
Raw Permalink Blame History

# TradingView Session Persistence & Captcha Avoidance
## Problem
TradingView implements "Are you human?" captcha checks that block automated login attempts. This prevents our trading bot from automatically logging in and capturing screenshots for analysis.
## Solution
We've implemented **session persistence** that saves login sessions and reuses them across runs, effectively avoiding captcha challenges.
## How It Works
### 1. Session Data Storage
The system saves three types of session data:
- **Cookies**: Authentication tokens and session identifiers
- **localStorage**: User preferences and settings
- **sessionStorage**: Temporary session data
Session data is stored in `.tradingview-session/` directory:
```
.tradingview-session/
├── cookies.json # Authentication cookies
└── session-storage.json # Browser storage data
```
### 2. Stealth Features
To reduce bot detection, the browser is configured with:
- Custom user agent strings
- Disabled automation indicators
- Realistic browser headers
- Plugin and language mocking
### 3. Smart Login Process
The `smartLogin()` method follows this priority:
1. **Check existing session**: If already logged in, continue
2. **Test saved session**: Load and validate saved session data
3. **Manual intervention**: If needed, prompt for manual login
4. **Save new session**: Store successful login for future use
## Usage
### First Time Setup
```javascript
import { TradingViewAutomation } from './lib/tradingview-automation.js'
const automation = new TradingViewAutomation()
await automation.init()
// First run - manual login required
const success = await automation.smartLogin()
// This will open TradingView and wait for manual login
// Once you log in manually, the session is saved
```
### Subsequent Runs
```javascript
// Future runs automatically use saved session
const automation = new TradingViewAutomation()
await automation.init()
const success = await automation.smartLogin()
// This will use saved session - no captcha!
```
### Testing Session Persistence
```bash
# Run the test script
node test-session-avoid-captcha.js
```
## API Integration
The analysis API automatically uses session persistence:
```bash
curl -X POST http://localhost:3000/api/analyze \\
-H "Content-Type: application/json" \\
-d '{
"symbol": "SOLUSD",
"timeframe": "5"
}'
```
The API will:
1. Check for saved session
2. Use it if valid (no captcha)
3. Return analysis results
## Session Management
### Check Session Status
```javascript
const info = await automation.getSessionInfo()
console.log(info)
// {
// isAuthenticated: true,
// hasSavedCookies: true,
// hasSavedStorage: true,
// cookiesCount: 15,
// currentUrl: "https://www.tradingview.com"
// }
```
### Refresh Session
```javascript
// Keep session alive
const refreshed = await automation.refreshSession()
```
### Clear Session
```javascript
// Clear expired or invalid session
await automation.clearSession()
```
### Test Session Validity
```javascript
const test = await automation.testSessionPersistence()
// {
// hasSessionData: true,
// isValid: true,
// sessionInfo: {...}
// }
```
## Manual Setup Process
1. **Run the bot for the first time**
2. **Browser opens automatically** (in Docker, this happens in headless mode)
3. **Manual login required**: Log in through the browser interface
4. **Session saved**: Once logged in, session data is automatically saved
5. **Future runs**: No more captcha challenges!
## Docker Integration
In Docker environment:
```bash
# Start the container
docker-compose up -d
# Run session setup (manual login required once)
docker exec -it trading_bot_v3 node test-session-avoid-captcha.js
# After setup, API calls work without captcha
curl -X POST http://localhost:3000/api/analyze \\
-H "Content-Type: application/json" \\
-d '{"symbol": "SOLUSD", "timeframe": "5"}'
```
## Session Persistence Benefits
**No more captcha challenges** after initial setup
**Faster login process** (reuses existing session)
**Automatic session refresh** to keep sessions alive
**Docker compatible** session storage
**Fallback to manual login** when needed
## Troubleshooting
### Session Expired
If you get login failures:
```javascript
// Clear expired session and start fresh
await automation.clearSession()
await automation.smartLogin() // Will prompt for manual login
```
### No Manual Browser Available
For servers without display:
1. Run initial setup on local machine
2. Copy `.tradingview-session/` to server
3. Server uses saved session data
### Session Not Working
Check session status:
```javascript
const info = await automation.getSessionInfo()
if (!info.isAuthenticated || !info.hasSavedCookies) {
// Need fresh login
await automation.clearSession()
await automation.smartLogin()
}
```
## Files Modified
- `lib/tradingview-automation.ts`: Core session persistence logic
- `lib/enhanced-screenshot.ts`: Updated to use smart login
- `test-session-avoid-captcha.js`: Test script for session setup
- `.tradingview-session/`: Session data storage directory (auto-created)
## Security
- Session data is stored locally only
- No credentials are permanently stored
- Session files can be manually deleted if needed
- Works with environment variables for credentials
Reference in New Issue View Git Blame Copy Permalink