Closed hoof closed 1 year ago
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
I am also seeing this issue, under slightly different circumstances. I use a conditional card to hide the Alarmo card completely when the system is not armed (to show a different user interface). If I disarm the alarm, then rearm it, then next time the Alarmo card is shown, my last code is prefilled. This is obviously a giant security problem and would love to see this fixed.
I can take a look at the code a bit later, but I'd recommend clearing the input field the second the disarm button is tapped before doing anything else (if it isn't already).
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
Bad bot. This is still an active issue.
I am having trouble reproducing this issue. For me the code disappears when clicking the arm button. This is also what I would expect to happen based on the code. Did you try this on other devices (e.g. normal computer browser) as well?
https://github.com/nielsfaber/alarmo-card/assets/16861605/2d415345-66a2-4877-a6bc-382f4efccf92
I ended up making a small change that ensures the code is erased when the alarm state changes. In my own testing, this solves the issue @mririgoyen is experiencing. But I am not sure whether it solves the issue of @hoof . Could you please update to the new version and let me know if it helps? The changes are released under alarmo-card version v1.5.0.
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
Checklist
Expected behavior
I expect that the entered code is cleared after successfully arming so that to disarm you need to enter a code again.
Actual behavior
The entered code is not cleared after arming hence it is possible to just click "disarm" without entering a code.
Steps to Reproduce
1) Enable "use code to arm" 2) Use pincode as code-type (unsure if is a problem for passwords as well) 2) Arm the alarm using a code - be sure not to touch anything after arming 3) Verify that the alarm is armed and that the "code" fields are still filled with dots 4) Press disarm without entering a code 5) verify that the alarm is disarmed..
https://user-images.githubusercontent.com/427736/221614144-b85ddc10-a8b3-4302-aecd-0e79c5e94731.mp4