search

Aircoookie / WLED

Control WS2812B and many more types of digital RGB LEDs with an ESP8266 or ESP32 over WiFi!
https://kno.wled.ge
MIT License
15.06k stars 3.26k forks source link

usermods with secure config items #2948

Open johne opened 1 year ago

johne commented 1 year ago

i'm writing a ble usermod. I have the ble pairing key as a cfg.json entry, but this comes back over the air with the /json/cfg.json call in the clear.

it would be nice to either:

  1. add addToSecureConfig and readFromSecureConfig calls to the usermods and stub those out in the base class.
  2. add some specially handled key in addToConfig that would store the value in the secure area rather than the regular cfg.json

I haven't been able to come up with any alternative. i'm not super paranoid about someone getting my ble pairing key, so i'll likely just go without it being secure... alternately, I could make the change and then contribute it back as part of my PR.

btw: I really like the usermod structure... very clean, easily understandable and flexible

blazoncek commented 1 year ago

Add a PR that enhances usermod framework to store sensitive data into wsec.json