-
-
Notifications
You must be signed in to change notification settings - Fork 37.8k
Hassio auth #17274
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Hassio auth #17274
Changes from 10 commits
Commits
Show all changes
18 commits
Select commit
Hold shift + click to select a range
160f16a
Create auth.py
pvizeli 88582d8
Update auth.py
pvizeli c3ea7b9
Update auth.py
pvizeli bec27ae
Update __init__.py
pvizeli 900cf1a
Update auth.py
pvizeli 4a35ea9
Update auth.py
pvizeli 8dae06d
Update auth.py
pvizeli bc72cfd
Update auth.py
pvizeli 6d56ce5
Update auth.py
pvizeli c9aafbf
Update auth.py
pvizeli fd989f4
Update auth.py
pvizeli 683c927
Update auth.py
pvizeli cbf4a67
Update auth.py
pvizeli 09e39a8
Add tests
pvizeli 311014d
Update test_auth.py
pvizeli 7ed5cc8
Update auth.py
pvizeli e6f89b9
Update test_auth.py
pvizeli 9ed9133
Update auth.py
pvizeli File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| """Implement the auth feature from Hass.io for Add-ons.""" | ||
| import logging | ||
| import os | ||
|
|
||
| from aiohttp.web_exceptions import ( | ||
| HTTPForbidden, HTTPNotFound, HTTPOk, HTTPUnauthorized) | ||
|
|
||
| from homeassistant.core import callback | ||
| from homeassistant.exceptions import HomeAssistantError | ||
| from homeassistant.components.http import HomeAssistantView | ||
| from homeassistant.components.http.const import KEY_REAL_IP | ||
|
|
||
|
|
||
| _LOGGER = logging.getLogger(__name__) | ||
|
|
||
| ATTR_USERNAME = 'username' | ||
| ATTR_PASSWORD = 'password' | ||
|
|
||
|
|
||
| @callback | ||
| def async_setup_auth(hass): | ||
| """Auth setup.""" | ||
| hassio_ip = os.environ['HASSIO'].split(':')[0] | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. No need to pre-parse and store that in the view, can just get it on demand? |
||
| hassio_auth = HassIOAuth(hass, hassio_ip) | ||
|
|
||
| hass.http.register_view(hassio_auth) | ||
|
|
||
|
|
||
| class HassIOAuth(HomeAssistantView): | ||
| """Hass.io view to handle base part.""" | ||
|
|
||
| name = "api:hassio_auth" | ||
| url = "/api/hassio_auth" | ||
|
|
||
| def __init__(self, hass, hassio_ip): | ||
| """Initialize WebView.""" | ||
| self.hass = hass | ||
| self.hassio_ip = hassio_ip | ||
|
pvizeli marked this conversation as resolved.
Outdated
|
||
|
|
||
| async def post(self, request): | ||
|
pvizeli marked this conversation as resolved.
Outdated
|
||
| """Handle new discovery requests.""" | ||
| if request[KEY_REAL_IP] != self.hassio_ip: | ||
|
pvizeli marked this conversation as resolved.
Outdated
|
||
| _LOGGER.error( | ||
| "Invalid auth request from %s", request[KEY_REAL_IP]) | ||
| raise HTTPForbidden() | ||
|
|
||
| data = await request.json() | ||
| await self._check_login(data[ATTR_USERNAME], data[ATTR_PASSWORD]) | ||
|
|
||
| def _get_provider(self): | ||
| """Return Homeassistant auth provider.""" | ||
| for prv in self.hass.auth.auth_provider: | ||
|
pvizeli marked this conversation as resolved.
Outdated
|
||
| if prv.type == 'homeassistant': | ||
| return prv | ||
|
|
||
| _LOGGER.error("Can't find Home Assistant auth.") | ||
| raise HTTPNotFound() | ||
|
|
||
| async def _check_login(self, username, password): | ||
| """Check User credentials.""" | ||
| provider = self._get_provider() | ||
|
|
||
|
pvizeli marked this conversation as resolved.
|
||
| try: | ||
| provider.async_validate_login(username, password) | ||
| except HomeAssistantError: | ||
| raise HTTPUnauthorized() from None | ||
|
|
||
| raise HTTPOk() | ||
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is weird. Just return web.Response(status=200) from the view. |
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.