Hi, having studied the documentation for DIY mode, I noticed that requests that are sent as json do not have an authorization method. Modern api use tokens to authorize owners, I think adding a similar one for your devices is a pretty good idea!
For example, you can make an elementary token by encrypting SHA256 ("secret word" + ip adreess), this will allow access to the device safely, and will not allow token to be replaced from another source.
Hi, having studied the documentation for DIY mode, I noticed that requests that are sent as json do not have an authorization method. Modern api use tokens to authorize owners, I think adding a similar one for your devices is a pretty good idea!
For example, you can make an elementary token by encrypting SHA256 ("secret word" + ip adreess), this will allow access to the device safely, and will not allow token to be replaced from another source.
example secret word=blablabla ip=192.168.1.20