jeans/core
jeans/core
1
0
Fork 0
mirror of https://github.com/home-assistant/core.git synced 2025-07-23 21:27:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow encrypted passwords

Browse Source
This commit is contained in:
Fabian Affolter 2016-03-19 22:15:23 +01:00
parent 0bf13dbf26
commit 505b3b198e
2 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
homeassistant/components/http.py
View File

@ -32,6 +32,8 @@ from homeassistant.const import (
DOMAIN = "http" DOMAIN = "http"
REQUIREMENTS = ["passlib==1.6.5"]
CONF_API_PASSWORD = "api_password" CONF_API_PASSWORD = "api_password"
CONF_SERVER_HOST = "server_host" CONF_SERVER_HOST = "server_host"
CONF_SERVER_PORT = "server_port" CONF_SERVER_PORT = "server_port"
@ -176,6 +178,8 @@ class RequestHandler(SimpleHTTPRequestHandler):
def _handle_request(self, method): # pylint: disable=too-many-branches def _handle_request(self, method): # pylint: disable=too-many-branches
"""Perform some common checks and call appropriate method.""" """Perform some common checks and call appropriate method."""
from passlib import hash
url = urlparse(self.path) url = urlparse(self.path)
# Read query input. parse_qs gives a list for each value, we want last # Read query input. parse_qs gives a list for each value, we want last
@ -198,12 +202,20 @@ class RequestHandler(SimpleHTTPRequestHandler):
"Error parsing JSON", HTTP_UNPROCESSABLE_ENTITY) "Error parsing JSON", HTTP_UNPROCESSABLE_ENTITY)
return return
try:
self.authenticated = (hash.sha256_crypt.verify(
self.headers.get(HTTP_HEADER_HA_AUTH),
self.server.api_password) or
hash.sha256_crypt.verify(
data.get(DATA_API_PASSWORD),
self.server.api_password) or
self.verify_session())
except (TypeError, ValueError):
self.authenticated = (self.server.api_password is None or self.authenticated = (self.server.api_password is None or
self.headers.get(HTTP_HEADER_HA_AUTH) == self.headers.get(HTTP_HEADER_HA_AUTH) ==
self.server.api_password or self.server.api_password or
data.get(DATA_API_PASSWORD) == data.get(DATA_API_PASSWORD) ==
self.server.api_password or self.server.api_password)
self.verify_session())
if '_METHOD' in data: if '_METHOD' in data:
method = data.pop('_METHOD') method = data.pop('_METHOD')

15
script/gen_hash.py Executable file
View File

@ -0,0 +1,15 @@
#!/usr/bin/python3
"""Generate hashes from given strings."""
import getpass
from passlib import hash
response1 = getpass.getpass('Please enter your string/password/API key: ')
response2 = getpass.getpass('Please enter the string/password/API key again: ')
hashed = hash.sha256_crypt.encrypt(response1)
if hash.sha256_crypt.verify(response2, hashed):
print('Put the hash in your configuration.yaml file.')
print(hashed)
else:
print('No match! Please try again.')