Add security api and TOTP on supervisor (#41)

* Add security api and TOTP on supervisor * finish security api * fix lint * fix lint p2 * add new api view to init * Task session cleanup / fix hass wachdog * fix lint * fix api return * fix check
2025-12-24 20:35:55 +00:00 · 2017-05-10 22:02:47 +02:00
parent b76cd5c004
commit 956af2bd62
10 changed files with 268 additions and 20 deletions
--- a/hassio/config.py
+++ b/hassio/config.py
@@ -1,4 +1,5 @@
 """Bootstrap HassIO."""
+from datetime import datetime
 import logging
 import json
 import os
@@ -13,6 +14,8 @@ from .tools import (

 _LOGGER = logging.getLogger(__name__)

+DATETIME_FORMAT = "%Y%m%d %H:%M:%S"
+
 HOMEASSISTANT_CONFIG = PurePath("homeassistant")
 HOMEASSISTANT_LAST = 'homeassistant_last'

@@ -32,6 +35,11 @@ UPSTREAM_BETA = 'upstream_beta'

 API_ENDPOINT = 'api_endpoint'

+SECURITY_INITIALIZE = 'security_initialize'
+SECURITY_TOTP = 'security_totp'
+SECURITY_PASSWORD = 'security_password'
+SECURITY_SESSIONS = 'security_sessions'
+

 # pylint: disable=no-value-for-parameter
 SCHEMA_CONFIG = vol.Schema({
@@ -41,6 +49,11 @@ SCHEMA_CONFIG = vol.Schema({
    vol.Optional(HASSIO_LAST): vol.Coerce(str),
    vol.Optional(HASSIO_CLEANUP): vol.Coerce(str),
    vol.Optional(ADDONS_CUSTOM_LIST, default=[]): [vol.Url()],
+    vol.Optional(SECURITY_INITIALIZE, default=False): vol.Boolean(),
+    vol.Optional(SECURITY_TOTP): vol.Coerce(str),
+    vol.Optional(SECURITY_PASSWORD): vol.Coerce(str),
+    vol.Optional(SECURITY_SESSIONS, default={}):
+        {vol.Coerce(str): vol.Coerce(str)},
 }, extra=vol.REMOVE_EXTRA)


@@ -235,3 +248,55 @@ class CoreConfig(Config):

        self._data[ADDONS_CUSTOM_LIST].remove(repo)
        self.save()
+
+    @property
+    def security_initialize(self):
+        """Return is security was initialize."""
+        return self._data[SECURITY_INITIALIZE]
+
+    @security_initialize.setter
+    def security_initialize(self, value):
+        """Set is security initialize."""
+        self._data[SECURITY_INITIALIZE] = value
+        self.save()
+
+    @property
+    def security_totp(self):
+        """Return the TOTP key."""
+        return self._data.get(SECURITY_TOTP)
+
+    @security_totp.setter
+    def security_totp(self, value):
+        """Set the TOTP key."""
+        self._data[SECURITY_TOTP] = value
+        self.save()
+
+    @property
+    def security_password(self):
+        """Return the password key."""
+        return self._data.get(SECURITY_PASSWORD)
+
+    @security_password.setter
+    def security_password(self, value):
+        """Set the password key."""
+        self._data[SECURITY_PASSWORD] = value
+        self.save()
+
+    @property
+    def security_sessions(self):
+        """Return api sessions."""
+        return {session: datetime.strptime(until, DATETIME_FORMAT) for
+                session, until in self._data[SECURITY_SESSIONS].items()}
+
+    @security_sessions.setter
+    def security_sessions(self, value):
+        """Set the a new session."""
+        session, valid = value
+        if valid is None:
+            self._data[SECURITY_SESSIONS].pop(session, None)
+        else:
+            self._data[SECURITY_SESSIONS].update(
+                {session: valid.strftime(DATETIME_FORMAT)}
+            )
+
+        self.save()