search

www-ShapeLabs-de / Judo-i-soft-save-plus-to-mqtt-bridge

A small device to write and read settings to Judo i-soft safe+ water softening system with homeassistant
MIT License
20 stars 6 forks source link

Why use Token instead of Username/Password? #1

Closed hzulla closed 1 year ago

hzulla commented 1 year ago

https://github.com/www-ShapeLabs-de/Judo-i-soft-save-plus-to-mqtt-bridge/blob/9ea6f6145c0fc38f97e52bdf989079c6f3950e3e/python/config_getjudo.py#L5

Hi there,

thanks for the code, I'm using it as an inspiration for my own judo -> influx script.

Is there a reason why you're using the token instead of a login sequence? I'm not sure whether the token is valid for a long time. I'm doing a full login in my tiny script and it was pretty easy to do with

pwmd5 = hashlib.md5(PASSWORD.encode("utf-8")).hexdigest()

with urllib.request.urlopen(f'https://www.myjudo.eu/interface/?group=register&command=login&name=login&user={USERNAME}&password={pwmd5}&nohash=Service&role=customer') as url:
    json_data = json.load(url)
    token = json_data['token']

if not token:
    sys.exit('Login to myjudo.eu failed.')

I'd agree that re-using the token will result in fewer HTTP requests, so maybe only do a new login sequence when a locally stored token becomes invalid?

www-ShapeLabs-de commented 1 year ago

Hello, that the token could become invalid at some point, I have also thought about that. I use my token already for several weeks successfully, but you're right, I could in any case the log-in with user/pass still include. I could let the script generate 1x daily a new token, or if there's an error while parsing/getting the data

Thanks for the login url, I had not yet tracked. I think I will add this to the code in one of the next comitts.