The fetch error related to #97 with the invalid JSON body seems to be resolved since passing the OTP value as a string literal allows for a successful login.
However, if I call auth.on with a callback function to get the code from my gmail such as auth.on('otp', returnOTP); the gmail containing the OTP is still not dispatched. I'm not sure if this is related to the cloudfare security issue, but I do know that this was working fine a couple weeks ago.

i'll test this scenario out later this evening. But in the mean time, can you tell me what typeof returnOTP evaluates to for your returnOTP func?

I personally started using Authy for 2FA and node-2fa for generating the 2fa token from my secret TOTP Authy token. So no emails in my login workflow. Something could have changed with WS's login endpoint to dispatch the OTP token to email.

Ah ok, I wasn't sure how to write code to retrieve my OTP from Authy and use it for the login. Also, my returnOTP function returns a string value

i understand your returnOTP returns a string, but the login function (https://github.com/ahmedsakr/wstrade-api/blob/main/src/auth.js#L56) checks if the typeof of your OTP handler is a function so it can dispatch a login attempt without OTP, which should trigger an OTP email from WS to your email. This used to be the behaviour until you raised this issue.

Oh ok sorry I mistook your question. Yes, the typeof returnOTP is an async function, and my code was working a couple weeks ago before the cloudflare issues which is why I'm not sure if this is what caused it to stop dispatching emails

Alright then if you haven't changed your code and it stopped working, it does sound like a regression for email-dispatched OTP because of cloudflare. I'll look into it tonight.

@PrashanthPillay i just tested out with email OTP and it's working for me. Can you share your code for setting up OTP and logging in (obviously removing your secrets)?

Hi @ahmedsakr, I think there was actually an error on my end when I was updating the api, since I just tested it on my laptop and it seems to work fine. I will try to reinstall it on my desktop and see if that fixes the issue, but in the meantime I will close this issue. Thanks so much for the help!

No problem, @PrashanthPillay. Also, if you wanted to use an Authy-generated TOTP token, follow this gist to export your secret token: https://gist.github.com/gboudreau/94bb0c11a6209c82418d01a59d958c93

You can then use node-2fa from the npm registry, with the token you exported from Authy, to automatically generate the correct OTP. No emails involved and much faster to log in since OTP tokens are generated synchronously!

Ah ok thank you so much @ahmedsakr, I think I will try that out when I have some free time!