Hi Chris + community,

I wrote a Flask app (WIP version: https://www.dice-app.org/) to provide interested researchers a code-free access to my oTree app. I'd like to provide them with a url to access the data they created in their sessions. I saw that the data export (clicking on "Plain" at the bottom left of the screen) masks a URL that looks like this:

https://[my app].herokuapp.com/ExportSessionWide/[session code]?token=[some token]

This looks promising because it means that I can simply provide that URL with the corresponding session codes and tokens. Having these information, others can download the data easily. However, I am wondering whether the token is constant or whether I can retrieve that token somehow somewhere.

Best
Hauke

What happens if you omit the token?

"Missing or incorrect auth token"

And the console tells me:

"Failed to load resource: the server responded with a status of 400 (Bad Request)"

I had this exact problem and I had to fork oTree and make a version that does not require the token to export. The token is set by the DATA_EXPORT_HASH variable, and when I did this I don't think there was a way to set this as an environment or session variable as it is generated by oTree internally. 

Maybe this has changed since then, or maybe there is a way to set this token yourself, but this was my approach when I had to implement this quickly last year.

Thanks Olaf! So I assume that the token is not a constant then, correct?

@Chris, do you have any simple workarounds in mind?