Open atrus05 opened 7 months ago
Not revealing the pin anymore after a restart has been a design decision and is a feature.
Once generated, the pin can no longer be retrieved from the system anymore. The pin is not stored in plain text. It is only shown in the UI as long as the device is not restarted.
Using the web-configurator credentials for external scripting access should be avoided, for the reasons you mentioned above. Also, access will be denied if the web-configurator is disabled in the UI (which could be intended or not).
Create an independent API-key instead:
$PIN
:
curl 'http://$IP/api/auth/api_keys' \
--header 'Content-Type: application/json' \
-u "web-configurator:$PIN" \
--data '{
"name": "curl access key",
"scopes": [
"admin"
]
}'
api_key
in a safe place.
It cannot be retrieved anymore and is only shown once in the response message.
Example response:
{
"name": "curl access key",
"api_key": "UYq_6Yv.ODE4ODRmY2Q0YThhNDRkYTk2ZWZjNGFmOWY3MmVlNjkuNWMxNDBkZjQxODlhNDdlYzkxNDQyZGY1YzA2YTMxY2U",
"active": true,
"scopes": [
"admin"
]
}
curl 'http://$IP/api/system' \
--header 'Authorization: Bearer UYq_6Yv.ODE4ODRmY2Q0YThhNDRkYTk2ZWZjNGFmOWY3MmVlNjkuNWMxNDBkZjQxODlhNDdlYzkxNDQyZGY1YzA2YTMxY2U'
After I've updated the authentication documentation in the core-api repository I will close this ticket.
Is there an existing issue for this?
Description
If I reboot the remote, you can no longer see the PIN code for the web-configurator on the remote.
How to Reproduce
Expected behavior
After reboot I would expect to see the PIN code, or at least be able to press the dots to see the PIN code. But at the moment I need to generate a new PIN.
System version
1.4.8
What part of the system affected by the problem?
UI
Additional context
This is a bit of a pain as all my CURL commands have to be edited. Often many times per day. Forcing me to get up from my computer, and walk to the Dock next to the TV to generate a new PIN. Are you all trying to get me fit or something ;)