feat: add 30-45s random delay before portal credential POST

diegoscarabelli · diegoscarabelli · commit c1f8a9a38291 · 2026-04-07T15:34:47.000-07:00
Garmin's Cloudflare WAF rate-limits requests that go directly from the SSO page GET to the login POST without intervening activity. A random 30-45s delay mimics natural browser behavior and helps avoid the 429 block. Adapted from upstream PR cyberjunky#346. The delay only applies to the portal+cffi / portal+requests fallback strategies. The widget+cffi primary strategy uses a different (HTML form, no clientId) endpoint that is not subject to per-clientId rate limiting and does not need this delay.
diff --git a/garminconnect/client.py b/garminconnect/client.py
@@ -4,7 +4,9 @@
 import contextlib
 import json
 import logging
+import random
 import re
+import time
 from pathlib import Path
 from typing import Any
 
@@ -511,6 +513,14 @@ def _portal_web_login(
             timeout=30,
         )
 
+        # Garmin's Cloudflare WAF rate-limits requests that go directly from
+        # the SSO page GET to the login POST without intervening activity.
+        # A random 30-45s delay mimics natural browser behavior and
+        # consistently avoids the 429 block. (Adapted from upstream PR #346.)
+        delay_s = random.uniform(30, 45)
+        _LOGGER.debug("Portal login: sleeping %.1fs before credential POST", delay_s)
+        time.sleep(delay_s)
+
         # Step 2: POST credentials to the portal login API
         login_url = f"{self._sso}/portal/api/login"
         login_params = {
