github-actions[bot]
commented
1 year ago This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
Closed hoof closed 1 year ago
github-actions[bot]
commented
1 year ago This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
mririgoyen
commented
1 year ago I am also seeing this issue, under slightly different circumstances. I use a conditional card to hide the Alarmo card completely when the system is not armed (to show a different user interface). If I disarm the alarm, then rearm it, then next time the Alarmo card is shown, my last code is prefilled. This is obviously a giant security problem and would love to see this fixed.
I can take a look at the code a bit later, but I'd recommend clearing the input field the second the disarm button is tapped before doing anything else (if it isn't already).
github-actions[bot]
commented
1 year ago This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
mririgoyen
commented
1 year ago Bad bot. This is still an active issue.
nielsfaber
commented
1 year ago I am having trouble reproducing this issue. For me the code disappears when clicking the arm button. This is also what I would expect to happen based on the code. Did you try this on other devices (e.g. normal computer browser) as well?
https://github.com/nielsfaber/alarmo-card/assets/16861605/2d415345-66a2-4877-a6bc-382f4efccf92
nielsfaber
commented
1 year ago I ended up making a small change that ensures the code is erased when the alarm state changes. In my own testing, this solves the issue @mririgoyen is experiencing. But I am not sure whether it solves the issue of @hoof . Could you please update to the new version and let me know if it helps? The changes are released under alarmo-card version v1.5.0.
github-actions[bot]
commented
1 year ago This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days
Checklist
Expected behavior
I expect that the entered code is cleared after successfully arming so that to disarm you need to enter a code again.
Actual behavior
The entered code is not cleared after arming hence it is possible to just click "disarm" without entering a code.
Steps to Reproduce
1) Enable "use code to arm" 2) Use pincode as code-type (unsure if is a problem for passwords as well) 2) Arm the alarm using a code - be sure not to touch anything after arming 3) Verify that the alarm is armed and that the "code" fields are still filled with dots 4) Press disarm without entering a code 5) verify that the alarm is disarmed..
https://user-images.githubusercontent.com/427736/221614144-b85ddc10-a8b3-4302-aecd-0e79c5e94731.mp4