Add ingress session validation (#7610)

2025-07-24 09:46:36 +00:00 · 2020-11-06 23:01:29 +01:00 · 2020-11-06 23:01:29 +01:00 · 7e2db0aa4e
commit 7e2db0aa4e
parent cc1d50491b
4 changed files with 62 additions and 22 deletions
--- a/hassio/src/ingress-view/hassio-ingress-view.ts
+++ b/hassio/src/ingress-view/hassio-ingress-view.ts
@ -13,7 +13,10 @@ import {
  fetchHassioAddonInfo,
  HassioAddonDetails,
 } from "../../../src/data/hassio/addon";
-import { createHassioSession } from "../../../src/data/hassio/supervisor";
+import {
+  createHassioSession,
+  validateHassioSession,
+} from "../../../src/data/hassio/ingress";
 import "../../../src/layouts/hass-loading-screen";
 import "../../../src/layouts/hass-subpage";
 import { HomeAssistant, Route } from "../../../src/types";
@ -35,6 +38,17 @@ class HassioIngressView extends LitElement {
  @property({ type: Boolean })
  public narrow = false;

+  private _sessionKeepAlive?: number;
+
+  public disconnectedCallback() {
+    super.disconnectedCallback();
+
+    if (this._sessionKeepAlive) {
+      clearInterval(this._sessionKeepAlive);
+      this._sessionKeepAlive = undefined;
+    }
+  }
+
  protected render(): TemplateResult {
    if (!this._addon) {
      return html` <hass-loading-screen></hass-loading-screen> `;
@ -83,10 +97,7 @@ class HassioIngressView extends LitElement {
  }

  private async _fetchData(addonSlug: string) {
-    const createSessionPromise = createHassioSession(this.hass).then(
-      () => true,
-      () => false
-    );
+    const createSessionPromise = createHassioSession(this.hass);

    let addon;

@ -119,7 +130,11 @@ class HassioIngressView extends LitElement {
      return;
    }

-    if (!(await createSessionPromise)) {
+    let session;
+
+    try {
+      session = await createSessionPromise;
+    } catch (err) {
      await showAlertDialog(this, {
        text: "Unable to create an Ingress session",
        title: addon.name,
@ -128,6 +143,17 @@ class HassioIngressView extends LitElement {
      return;
    }

+    if (this._sessionKeepAlive) {
+      clearInterval(this._sessionKeepAlive);
+    }
+    this._sessionKeepAlive = window.setInterval(async () => {
+      try {
+        await validateHassioSession(this.hass, session);
+      } catch (err) {
+        session = await createHassioSession(this.hass);
+      }
+    }, 60000);
+
    this._addon = addon;
  }

--- a/src/data/hassio/ingress.ts
+++ b/src/data/hassio/ingress.ts
@ -0,0 +1,26 @@
+import { HomeAssistant } from "../../types";
+import { HassioResponse } from "./common";
+import { CreateSessionResponse } from "./supervisor";
+
+export const createHassioSession = async (hass: HomeAssistant) => {
+  const response = await hass.callApi<HassioResponse<CreateSessionResponse>>(
+    "POST",
+    "hassio/ingress/session"
+  );
+  document.cookie = `ingress_session=${
+    response.data.session
+  };path=/api/hassio_ingress/;SameSite=Strict${
+    location.protocol === "https:" ? ";Secure" : ""
+  }`;
+  return response.data.session;
+};
+
+export const validateHassioSession = async (
+  hass: HomeAssistant,
+  session: string
+) =>
+  await hass.callApi<HassioResponse<null>>(
+    "POST",
+    "hassio/ingress/validate_session",
+    { session }
+  );
--- a/src/data/hassio/supervisor.ts
+++ b/src/data/hassio/supervisor.ts
@ -111,18 +111,6 @@ export const fetchHassioLogs = async (
  return hass.callApi<string>("GET", `hassio/${provider}/logs`);
 };

-export const createHassioSession = async (hass: HomeAssistant) => {
-  const response = await hass.callApi<HassioResponse<CreateSessionResponse>>(
-    "POST",
-    "hassio/ingress/session"
-  );
-  document.cookie = `ingress_session=${
-    response.data.session
-  };path=/api/hassio_ingress/;SameSite=Strict${
-    location.protocol === "https:" ? ";Secure" : ""
-  }`;
-};
-
 export const setSupervisorOption = async (
  hass: HomeAssistant,
  data: SupervisorOptions
--- a/test-mocha/hassio/create_session.spec.ts
+++ b/test-mocha/hassio/create_session.spec.ts
@ -1,5 +1,5 @@
 import * as assert from "assert";
-import { createHassioSession } from "../../src/data/hassio/supervisor";
+import { createHassioSession } from "../../src/data/hassio/ingress";

 const sessionID = "fhdsu73rh3io4h8f3irhjel8ousafehf8f3yh";

@ -15,7 +15,7 @@ describe("Create hassio session", function () {
        return { data: { session: sessionID } };
      },
    });
-    assert.equal(
+    assert.strictEqual(
      // @ts-ignore
      global.document.cookie,
      "ingress_session=fhdsu73rh3io4h8f3irhjel8ousafehf8f3yh;path=/api/hassio_ingress/;SameSite=Strict"
@ -32,7 +32,7 @@ describe("Create hassio session", function () {
        return { data: { session: sessionID } };
      },
    });
-    assert.equal(
+    assert.strictEqual(
      // @ts-ignore
      global.document.cookie,
      "ingress_session=fhdsu73rh3io4h8f3irhjel8ousafehf8f3yh;path=/api/hassio_ingress/;SameSite=Strict;Secure"
@ -52,6 +52,6 @@ describe("Create hassio session", function () {
      () => true,
      () => false
    );
-    assert.equal(await createSessionPromise, false);
+    assert.strictEqual(await createSessionPromise, false);
  });
 });