Refactory code / object handling (#289)

* Refactory code / object handling * Next step * fix lint * Step 2 * Cleanup API code * cleanup addons code * cleanup data handling * Cleanup addons data handling * Cleanup docker api * clean docker api p2 * next cleanup round * cleanup start on snapshots * update format strings * fix setup * fix lint * fix lint * fix lint * fix tox * Fix wrong import of datetime module * Fix bug with attributes * fix extraction * Update core * Update logs * Expand scheduler * add support for time interval objects * next updates on tasks * Fix some things * Cleanup code / supervisor * fix lint * Fix some code styles * rename stuff * cleanup api call reload * fix lock replacment * fix lint * fix lint * fix bug * fix wrong config links * fix bugs * fix bug * Update version on startup * Fix some bugs * fix bug * Fix snapshot * Add wait boot options * fix lint * fix default config * fix snapshot * fix snapshot * load snapshots on startup * add log message at the end * Some cleanups * fix bug * add logger * add logger for supervisor update * Add more logger
2025-10-18 08:09:36 +00:00 · 2018-01-02 21:21:29 +01:00
parent 34d1f4725d
commit 1c49351e66
55 changed files with 1439 additions and 1194 deletions
--- a/hassio/api/security.py
+++ b/hassio/api/security.py
@@ -10,8 +10,9 @@ import voluptuous as vol
 import pyotp
 import pyqrcode

-from .util import api_process, api_validate, hash_password
+from .utils import api_process, api_validate, hash_password
 from ..const import ATTR_INITIALIZE, ATTR_PASSWORD, ATTR_TOTP, ATTR_SESSION
+from ..coresys import CoreSysAttributes

 _LOGGER = logging.getLogger(__name__)

@@ -24,29 +25,24 @@ SCHEMA_SESSION = SCHEMA_PASSWORD.extend({
 })


-class APISecurity(object):
+class APISecurity(CoreSysAttributes):
    """Handle rest api for security functions."""

-    def __init__(self, config, loop):
-        """Initialize security rest api part."""
-        self.config = config
-        self.loop = loop
-
    def _check_password(self, body):
        """Check if password is valid and security is initialize."""
-        if not self.config.security_initialize:
+        if not self._config.security_initialize:
            raise RuntimeError("First set a password")

        password = hash_password(body[ATTR_PASSWORD])
-        if password != self.config.security_password:
+        if password != self._config.security_password:
            raise RuntimeError("Wrong password")

    @api_process
    async def info(self, request):
        """Return host information."""
        return {
-            ATTR_INITIALIZE: self.config.security_initialize,
-            ATTR_TOTP: self.config.security_totp is not None,
+            ATTR_INITIALIZE: self._config.security_initialize,
+            ATTR_TOTP: self._config.security_totp is not None,
        }

    @api_process
@@ -54,11 +50,11 @@ class APISecurity(object):
        """Set options / password."""
        body = await api_validate(SCHEMA_PASSWORD, request)

-        if self.config.security_initialize:
+        if self._config.security_initialize:
            raise RuntimeError("Password is already set!")

-        self.config.security_password = hash_password(body[ATTR_PASSWORD])
-        self.config.security_initialize = True
+        self._config.security_password = hash_password(body[ATTR_PASSWORD])
+        self._config.security_initialize = True
        return True

    @api_process
@@ -78,7 +74,7 @@ class APISecurity(object):
        qrcode.svg(buff)

        # finish
-        self.config.security_totp = totp_init_key
+        self._config.security_totp = totp_init_key
        return web.Response(body=buff.getvalue(), content_type='image/svg+xml')

    @api_process
@@ -88,8 +84,8 @@ class APISecurity(object):
        self._check_password(body)

        # check TOTP
-        if self.config.security_totp:
-            totp = pyotp.TOTP(self.config.security_totp)
+        if self._config.security_totp:
+            totp = pyotp.TOTP(self._config.security_totp)
            if body[ATTR_TOTP] != totp.now():
                raise RuntimeError("Invalid TOTP token!")

@@ -98,5 +94,5 @@ class APISecurity(object):
        session = hashlib.sha256(os.urandom(54)).hexdigest()

        # store session
-        self.config.add_security_session(session, valid_until)
+        self._config.add_security_session(session, valid_until)
        return {ATTR_SESSION: session}