mirror of
https://github.com/home-assistant/supervisor.git
synced 2025-10-14 06:09:43 +00:00

* Init services discovery * extend it * Add mqtt provider * Service support * More protocol stuff * Update validate.py * Update validate.py * Update API.md * Update API.md * update api * add API for services * fix lint * add security middleware * Add discovery layout * update * Finish discovery * improve discovery * fix * Update API * Update api * fix * Fix lint * Update API.md * Update __init__.py * Update API.md * Update interface.py * Update mqtt.py * Update discovery.py * Update const.py * Update validate.py * Update validate.py * Update mqtt.py * Update mqtt.py * Update discovery.py * Update discovery.py * Update discovery.py * Update interface.py * Update mqtt.py * Update mqtt.py * Update services.py * Update discovery.py * Update discovery.py * Update mqtt.py * Update discovery.py * Update services.py * Update discovery.py * Update discovery.py * Update mqtt.py * Update discovery.py * fix aiohttp * test * Update const.py * Update addon.py * Update homeassistant.py * Update const.py * Update addon.py * Update homeassistant.py * Update addon.py * Update security.py * Update const.py * Update validate.py * Update const.py * Update addon.py * Update API.md * Update addons.py * Update addon.py * Update validate.py * Update security.py * Update security.py * Update const.py * Update services.py * Update discovery.py * Update API.md * Update services.py * Update API.md * Update services.py * Update discovery.py * Update discovery.py * Update mqtt.py * Update discovery.py * Update discovery.py * Update __init__.py * Update mqtt.py * Update security.py * fix lint * Update core.py * Update API.md * Update services.py
35 lines
911 B
Python
35 lines
911 B
Python
"""Handle security part of this API."""
|
|
import logging
|
|
|
|
from aiohttp.web import middleware
|
|
|
|
from ..const import HEADER_TOKEN, REQUEST_FROM
|
|
|
|
_LOGGER = logging.getLogger(__name__)
|
|
|
|
|
|
@middleware
|
|
async def security_layer(request, handler):
|
|
"""Check security access of this layer."""
|
|
coresys = request.app['coresys']
|
|
hassio_token = request.headers.get(HEADER_TOKEN)
|
|
|
|
# Need to be removed later
|
|
if not hassio_token:
|
|
_LOGGER.warning("No valid hassio token for API access!")
|
|
request[REQUEST_FROM] = 'UNKNOWN'
|
|
|
|
# From Home-Assistant
|
|
elif hassio_token == coresys.homeassistant.uuid:
|
|
request[REQUEST_FROM] = 'homeassistant'
|
|
|
|
# From Add-on
|
|
else:
|
|
for addon in coresys.addons.list_addons:
|
|
if hassio_token != addon.uuid:
|
|
continue
|
|
request[REQUEST_FROM] = addon.slug
|
|
break
|
|
|
|
return await handler(request)
|