Flow2API Token Updater is a lightweight multi-profile token refresh tool. It uses Playwright persistent browser profiles to keep Google Labs login sessions alive, extracts session tokens when needed, and pushes them to Flow2API.
This version focuses on three things:
- multi-profile account management
- per-profile Flow2API target override
- a realtime dashboard with charts and recent activity
- Lightweight runtime: VNC/Xvfb/noVNC only starts when login is needed
- Smart sync: profiles are grouped by effective Flow2API URL and token
- Per-profile overrides: each profile can override target URL and token
- Proxy support: each profile can use its own proxy
- Cookie import: recover login state without opening the browser
- Realtime dashboard: SSE-first updates with polling fallback
- Chart ranges: 6h / 24h / 72h / 7d
- Built-in analytics: sync activity, failure reasons, target distribution
- Each account is stored as an isolated Profile.
- Browser state is persisted in
profiles/. - During sync, the effective target is resolved as:
profile.flow2api_urlor globalFLOW2API_URLprofile.connection_token_overrideor globalCONNECTION_TOKEN
- Active profiles are grouped by effective target URL + effective token.
- Each group calls Flow2API
check-tokensfirst. - Only profiles that need refresh are synced.
- If target-side checking fails, the group falls back to force sync.
- Every sync result is stored as history for the dashboard.
git clone https://github.com/genz27/flow2api_tupdater.git
cd flow2api_tupdater
cp .env.example .envAt minimum, set these values in .env:
ADMIN_PASSWORDFLOW2API_URLCONNECTION_TOKEN
docker compose up -d --build- Admin UI:
http://localhost:8002 - noVNC:
http://localhost:6080/vnc.html
Port
6080is only relevant when VNC login is enabled and in use.
- Open the admin UI.
- Configure the global default Flow2API URL and token.
- Create a Profile.
- Click
Loginto launch the browser. - Finish Google login in noVNC.
- Click
Close Browserto persist the session state. - Run one manual sync to verify the account works.
- Let the scheduled job handle later refreshes.
- Create a Profile.
- Open the
Cookiedialog. - Paste cookie JSON for the
labs.googledomain. - Run
Check LoginorSyncto validate the imported session.
If one account should sync to another Flow2API instance:
- Open that profile's edit dialog.
- Set
Flow2API URL override. - If the target instance uses a different token, also set
Connection Token override. - Save the profile. That profile will now prefer the override values.
The admin dashboard includes:
- overview metrics
- sync activity chart with time-range switching
- status breakdown and profile ranking
- failure reason aggregation
- target instance distribution
- recent activity feed
- realtime connection state
The frontend prefers SSE updates and automatically falls back to light polling if the realtime stream is unavailable.
The default docker-compose.yml mounts these directories:
./data->/app/dataprofiles.db: profile data and sync historyconfig.json: persisted global defaults
./profiles->/app/profiles- Playwright persistent browser profile data
./logs->/app/logs- runtime logs
The following options are actively used by the application:
| Variable | Description | Default |
|---|---|---|
ADMIN_PASSWORD |
Admin UI password | empty |
API_KEY |
External API key | empty |
FLOW2API_URL |
Global default Flow2API URL | http://host.docker.internal:8000 |
CONNECTION_TOKEN |
Global default Flow2API token | empty |
REFRESH_INTERVAL |
Scheduled refresh interval in minutes | 60 |
SESSION_TTL_MINUTES |
Admin session TTL, 0 means no expiry |
1440 |
CONFIG_FILE |
Path for persisted global config | /app/data/config.json |
API_PORT |
HTTP listen port | 8002 |
ENABLE_VNC |
Enable VNC login entry, 1/0 |
1 |
VNC_PASSWORD |
Password for noVNC / x11vnc | flow2api |
Effective target resolution follows this order:
- Profile-level
flow2api_url - Global
FLOW2API_URL
And for the token:
- Profile-level
connection_token_override - Global
CONNECTION_TOKEN
Used by the web dashboard:
POST /api/loginPOST /api/logoutGET /api/auth/checkGET /api/statusGET /api/dashboard?hours=6|24|72|168GET /api/dashboard/stream?session_token=...GET /api/configPOST /api/configGET /api/profilesPOST /api/profilesGET /api/profiles/{id}PUT /api/profiles/{id}DELETE /api/profiles/{id}POST /api/profiles/{id}/launchPOST /api/profiles/{id}/closePOST /api/profiles/{id}/check-loginPOST /api/profiles/{id}/import-cookiesPOST /api/profiles/{id}/extractPOST /api/profiles/{id}/syncPOST /api/sync-all
These endpoints require X-API-Key:
GET /v1/profilesGET /v1/profiles/{id}/tokenPOST /v1/profiles/{id}/syncGET /health
v3.3 adds:
- profile-level target URL override
- profile-level token override
- sync history storage
- realtime dashboard and SSE stream
- failure reason aggregation
- target instance distribution
- dashboard time-range filters
Recommended upgrade steps:
- Back up
data/andprofiles/. - Pull the latest code.
- Rebuild and restart the container.
- The app will auto-create new columns and history tables if needed.
- Re-check global defaults in the admin UI.
- Re-check profile-level overrides if you use multiple Flow2API targets.
The effective target config is incomplete. Check:
- the global default target settings
- the profile-level URL override
- the profile-level token override
A profile that points to another Flow2API instance usually also needs a matching token override.
The stored browser session is no longer usable. Try one of these:
- login again through VNC
- import a fresh cookie set
- run
Check Loginbefore syncing again
Check:
ENABLE_VNC=1- port
6080is mapped - you actually clicked the profile
Loginbutton
If you change the application listen port, make sure you also update the
port mapping in docker-compose.yml.
MIT