v0.10.1 - Session Persistence Fix
π Critical Session Persistence Fix
This release resolves the session persistence issues reported in Discussion #34.
Issue Resolved
Problem: Sessions saved with save_session() couldn't be loaded in new processes, failing with:
Session file corrupted (invalid JSON)
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
Root Cause:
- Default encryption password was generated using hostname/username, which could vary between processes
- Legacy
load_session()method only handled tokens, not CSRF tokens and headers
Solution β
-
Stable Encryption Keys
- Default password now uses home directory instead of hostname/username
- Ensures consistent encryption/decryption across processes
- Sessions can now be reliably saved and loaded between different processes
-
Enhanced Session Handling
save_session()now saves comprehensive session data (tokens, CSRF, headers)load_session()properly restores all session components- Maintains full backward compatibility with existing code
-
Improved Security
- Sessions continue to use AES-256 encryption
- Better documentation about secure session storage
Example Usage
# Save session in one process
mm1 = MonarchMoney(session_file="my_session.json", use_encryption=True)
await mm1.login(email, password)
mm1.save_session() # β
Now works reliably
# Load session in different process
mm2 = MonarchMoney(session_file="my_session.json", use_encryption=True)
mm2.load_session() # β
Now works across processes!
await mm2.get_accounts() # β
Ready to useπ Thanks
Special thanks to @matthewdavis for the detailed bug report and investigation in Discussion #34. The root cause analysis was spot-on!
Other Improvements
- Enhanced documentation about session persistence
- Better error handling for edge cases
- Maintained backward compatibility
Full Changelog: v0.10.0...v0.10.1