fix strava login issues

.github/workflows/credentials.yml

@@ -11,15 +11,17 @@ jobs:
     name: Refresh Strava Credentials
     steps:
       - uses: actions/checkout@v4
-      - uses: denoland/setup-deno@v1
+      - uses: actions/setup-node@v4
         with:
-          deno-version: v1.x
+          node-version: '22'
+      - name: Setup npm
+        run: npm ci
       - name: Fetch credentials
         env:
           STRAVA_EMAIL: ${{ secrets.STRAVA_EMAIL }}
           STRAVA_PASSWORD: ${{ secrets.STRAVA_PASSWORD }}
         run: |
-          eval "$(./scripts/refresh_strava_credentials.ts)"
+          eval "$(./scripts/refresh_strava_credentials.js)"
           echo "::add-mask::${STRAVA_ID}"
           echo "::add-mask::${STRAVA_COOKIES}"
           echo "STRAVA_ID=${STRAVA_ID}" >> $GITHUB_ENV

scripts/refresh_strava_credentials.js

@@ -0,0 +1,54 @@
+#!/usr/bin/env node
+//
+// Log a user into Strava and write the cookies to stdout for later use.
+import puppeteer from "puppeteer";
+
+const STRAVA_EMAIL = process.env.STRAVA_EMAIL;
+const STRAVA_PASSWORD = process.env.STRAVA_PASSWORD;
+const USER_AGENT = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36";
+const REQUIRED_COOKIE_NAMES = [
+    "CloudFront-Policy",
+    "CloudFront-Key-Pair-Id",
+    "CloudFront-Signature",
+    "_strava4_session",
+];
+
+console.log("Launching browser...");
+let browser = await puppeteer.launch({
+    headless: true,
+    devtools: false,
+    timeout: 0,
+    args: ["--no-sandbox", "--disable-setuid-sandbox", "--disable-blink-features=AutomationControlled",],
+});
+
+console.log("Opening new page...");
+const page = await browser.newPage();
+
+await page.setUserAgent(USER_AGENT);
+await page.setViewport({width: 1280, height: 800});
+
+console.log("Opening strava login...")
+await page.goto("https://www.strava.com/login", {waitUntil: "networkidle2"});
+
+console.log("Logging in with email and password...")
+await page.type("#desktop-email", STRAVA_EMAIL);
+await page.type("#desktop-current-password", STRAVA_PASSWORD);
+
+let submitLoginElement = await page.waitForSelector('button[type="submit"]:not([disabled])', {visible: true});
+await submitLoginElement.click()
+await page.waitForNavigation({waitUntil: "networkidle2"});
+
+console.log("Loading global heatmap...");
+await page.goto("https://www.strava.com/maps/global-heatmap");
+await page.waitForResponse((response) => response.url().includes("heatmap-external"));
+
+console.log("Retrieving cookies...");
+let cookies = browser.cookies();
+let stravaId = cookies.find((c) => c.name === "strava_remember_id").value;
+let stravaCookies = cookies
+    .filter((c) => REQUIRED_COOKIE_NAMES.includes(c.name))
+    .map((c) => `${c.name}=${c.value}`)
+    .join(";");
+
+console.log(`STRAVA_ID='${stravaId}'`);
+console.log(`STRAVA_COOKIES='${stravaCookies}'`);

wrangler.toml

@@ -9,7 +9,7 @@ compatibility_date = "2021-11-19"
 #
 # ALLOWED_ORIGINS: Sets CORS header and checks that requests have appropriate
 # origin header. If unset or empty all origins are allowed
-vars = { TILE_CACHE_SECS = "86400", ALLOWED_ORIGINS = "" }
+vars = { TILE_CACHE_SECS = "604800", ALLOWED_ORIGINS = "" }
 
 # [secrets]
 # STRAVA_ID