b3nw/monarch-mcp-custom
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add automatic re-authentication with MFA support
All checks were successful
Build and Push Monarch MCP Docker Image / build (push) Successful in 8s
Details

Browse Source 
Implement automatic token refresh using stored credentials and TOTP MFA secret. When an API call fails with a 401/unauthorized error, the system now transparently re-authenticates using MONARCH_EMAIL, MONARCH_PASSWORD, and MONARCH_MFA_SECRET, then retries the original request.

Changes:
- Add refresh_authentication() function in auth.py for credential-based login
- Create @retry_on_auth_error decorator to handle and retry failed auth calls
- Apply decorator to all MCP tools (get_accounts, get_transactions, etc.)
- Add MONARCH_MFA_SECRET to .env.example with documentation
- Update login_setup.py to instruct users about required env vars
- Replace PROBLEM.md with PLAN.md documenting the implementation
This commit is contained in:
Ben
2025-12-24 15:45:43 +00:00
parent 27ef7f0e1e
commit 6fc09d956f
6 changed files with 153 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
login_setup.py
View File

@@ -5,7 +5,6 @@ Saves session securely and provides the token for Docker environment.
"""
import asyncio
import os
import getpass
import sys
from pathlib import Path
@@ -53,6 +52,21 @@ async def main():
# Also save to local keyring for convenience
save_token(token)
print("\n✅ Token also saved to local system keyring.")
print("\n" + "=" * 50)
print("📝 IMPORTANT: For automatic re-authentication")
print("=" * 50)
print("\nIf you have MFA enabled on your Monarch account,")
print("add your MONARCH_MFA_SECRET to your .env file:")
print("\n MONARCH_MFA_SECRET=your_totp_secret_here")
print("\nYou should have saved this secret when you first")
print("set up Google Authenticator/Authy for Monarch Money.")
print("\nThis allows the MCP server to automatically re-authenticate")
print("when your token expires.")
print("\nYou also need to add your credentials:")
print(" MONARCH_EMAIL=your_email@example.com")
print(" MONARCH_PASSWORD=your_password")
print("=" * 50)
else:
print("❌ Failed to retrieve token from MonarchMoney instance.")