evlli/hass-core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17280 commits 291 branches 1355 tags 1.4 GiB
Commit graph

218 commits

Author SHA1 Message Date
Paulus Schoutsen
47f60e6cf2 Remove fingerprint middleware (#20682) 
* Remove fingerprint middleware

* Lint
 2019-02-02 11:52:34 +01:00
Louis Matthijssen
d39784906b Fix HTTP login attempts check triggering too late (#20431) 2019-01-26 03:13:44 +01:00
Andrew Sayre
bb21cb6c89 Remove trailing slash from base_url and added ability to generate webhook path. (#20295) 2019-01-21 20:50:41 +01:00
Jason Hu
97394df0b9
Only authenticate request when owner can be found 2019-01-11 00:26:25 -08:00
Paulus Schoutsen
d1a621601d No more opt-out auth (#18854) 
* No more opt-out auth

* Fix var
 2018-12-02 16:32:53 +01:00
Paulus Schoutsen
df21dd21f2 RFC: Call services directly (#18720) 
* Call services directly

* Simplify

* Type

* Lint

* Update name

* Fix tests

* Catch exceptions in HTTP view

* Lint

* Handle ServiceNotFound in API endpoints that call services

* Type

* Don't crash recorder on non-JSON serializable objects
 2018-11-30 21:28:35 +01:00
Paulus Schoutsen
d014517ce2
Always set hass_user (#18844) 2018-11-30 17:32:47 +01:00
Paulus Schoutsen
a2386f871d Forbid float NaN in JSON (#18757) 2018-11-28 13:25:23 +01:00
Paulus Schoutsen
c2f8dfcb9f
Legacy api fix (#18733) 
* Set user for API password requests

* Fix tests

* Fix typing
 2018-11-27 10:41:44 +01:00
Paulus Schoutsen
8b8629a5f4 Add permission checks to Rest API (#18639) 
* Add permission checks to Rest API

* Clean up unnecessary method

* Remove all the tuple stuff from entity check

* Simplify perms

* Correct param name for owner permission

* Hass.io make/update user to be admin

* Types
 2018-11-25 18:04:48 +01:00
Paulus Schoutsen
1341ecd2eb
Use proper signals (#18613) 
* Emulated Hue not use deprecated handler

* Remove no longer needed workaround

* Add middleware directly

* Dont always load the ban config file

* Update homeassistant/components/http/ban.py

Co-Authored-By: balloob <paulus@home-assistant.io>

* Update __init__.py
 2018-11-21 20:55:21 +01:00
Paulus Schoutsen
312d49caec Allow creating signed urls (#17759) 
* Allow creating signed urls

* Fix parameter

* Lint
 2018-10-25 16:44:57 +02:00
Paulus Schoutsen
2e6346ca43 Break up websocket 2 (#17028) 
* Break up websocket 2

* Lint+Test

* Lintttt

* Rename
 2018-10-01 16:09:31 +02:00
Jerad Meisner
50fb59477a Store notifications in component. Add ws endpoint for fetching. (#16503) 
* Store notifications in component. Add ws endpoint for fetching.

* Comments
 2018-09-11 11:39:30 +02:00
Paulus Schoutsen
376d4e4fa0
Warning missed a space (#16233) 2018-08-28 09:32:50 +02:00
Paulus Schoutsen
9d491f5322 Change auth warning (#16216) 2018-08-27 10:37:03 +02:00
Jason Hu
24a8d60566 Tweak log level for bearer token warning (#16182) 2018-08-25 07:57:36 +02:00
Ville Skyttä
dd9d53c83e Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0 (#14557) 
* Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0

* Pydocstyle D401 fixes
 2018-08-24 10:28:43 +02:00
Paulus Schoutsen
7bb5344942
Remove homeassistant.remote (#16099) 
* Remove homeassistant.remote

* Use direct import for API

* Fix docstring
 2018-08-21 15:49:58 +02:00
Paulus Schoutsen
121abb450a Use aiohttp web.AppRunner (#16020) 
* Use aiohttp web.AppRunner

* Stop site
 2018-08-20 14:03:35 +02:00
Ville Skyttä
dbd0763f83 Grammar and spelling fixes (#16065) 2018-08-19 22:29:08 +02:00
Paulus Schoutsen
e776f88eec
Use JWT for access tokens (#15972) 
* Use JWT for access tokens

* Update requirements

* Improvements
 2018-08-14 21:14:12 +02:00
Paulus Schoutsen
6540d2e073
Switch to intermediate Mozilla cert profile (#15957) 
* Allow choosing intermediate SSL profile

* Fix tests
 2018-08-14 08:20:17 +02:00
Jason Hu
da8f93dca2 Add trusted networks auth provider (#15812) 
* Add context to login flow

* Add trusted networks auth provider

* source -> context
 2018-08-13 12:40:06 +02:00
Jason Hu
272be7cdae Remove remote.API from core.Config (#15951) 
* Use core.ApiConfig replace remote.API in core.Config

* Move ApiConfig to http
 2018-08-13 09:26:20 +02:00
Jason Hu
6f2000f5e2 Make sure use_x_forward_for and trusted_proxies must config together (#15804) 
* Make sure use_x_forward_for and trusted_proxies must config together

* Fix unit test
 2018-08-03 13:52:34 +02:00
Paulus Schoutsen
c7f4bdafc0 Context (#15674) 
* Add context

* Add context to switch/light services

* Test set_state API

* Lint

* Fix tests

* Do not include context yet in comparison

* Do not pass in loop

* Fix Z-Wave tests

* Add websocket test without user
 2018-07-28 17:53:37 -07:00
Jason Hu
b2f4bbf93b Only log change to use access token warning once (#15690) 2018-07-27 15:53:46 +02:00
Paulus Schoutsen
169c8d793a
Fix CORS duplicate registration (#15670) 2018-07-25 11:36:44 +02:00
Jason Hu
d7690c5fda Add ipban for failed login attempt in new login flow (#15551) 
* Add ipban for failed login attempt in new login flow

* Address review comment

* Use decorator to clean up code
 2018-07-24 10:09:52 +02:00
Ville Skyttä
b7c336a687 Pylint cleanups (#15626) 
* Pylint 2 no-else-return fixes

* Remove unneeded abstract-class-not-used pylint disable
 2018-07-23 10:16:05 +02:00
Jason Hu
f1286f8e6b Reset failed login attempts counter when login success (#15564) 2018-07-20 12:09:48 +02:00
Ville Skyttä
2f7b79764a More pylint 2 fixes (#15565) 
## Description:

More fixes flagged by pylint 2 that don't hurt to have before the actual pylint 2 upgrade (which I'll submit soon).

## Checklist:
  - [ ] The code change is tested and works locally.
  - [x] Local tests pass with `tox`. **Your PR cannot be merged unless tests pass**
 2018-07-20 11:45:20 +03:00
Paulus Schoutsen
2a76a0852f
Allow CORS requests to token endpoint (#15519) 
* Allow CORS requests to token endpoint

* Tests

* Fuck emulated hue

* Clean up

* Only cors existing methods
 2018-07-19 08:37:00 +02:00
Paulus Schoutsen
ad4cba70a0
Extract SSL context creation to helper (#15483) 
* Extract SSL context creation to helper

* Lint
 2018-07-16 10:32:07 +02:00
Paulus Schoutsen
ed0cfc4f31
Add user via cmd line creates owner (#15470) 
* Add user via cmd line creates owner

* Ensure access tokens are not verified for inactive users

* Stale print

* Lint
 2018-07-15 20:46:15 +02:00
Paulus Schoutsen
70fe463ef0
User management (#15420) 
* User management

* Lint

* Fix dict

* Reuse data instance

* OrderedDict all the way
 2018-07-13 15:31:20 +02:00
Jason Hu
6e3ec97acf Include request.path in legacy api password warning message (#15438) 2018-07-13 09:19:13 +02:00
Jason Hu
f874efb224 By default to use access_token if hass.auth.active (#15212) 
* Force to use access_token if hass.auth.active

* Not allow Basic auth with api_password if hass.auth.active

* Block websocket api_password auth when hass.auth.active

* Add legacy_api_password auth provider

* lint

* lint
 2018-06-30 22:31:36 -04:00
Hmmbob
94b55efef3 Stop supporting deprecated TLS ciphers (#15217) 
* Stop supporting deprecated TLS ciphers

* Lint
 2018-06-29 17:18:44 -04:00
Colin O'Dell
fd38caa287 X-Forwarded-For improvements and bug fixes (#15204) 
* Use new trusted_proxies setting for X-Forwarded-For whitelist

* Only use the last IP in the header

Per Wikipedia (https://en.wikipedia.org/wiki/X-Forwarded-For#Format):

 > The last IP address is always the IP address that connects to the last proxy,
 > which means it is the most reliable source of information.

* Add two additional tests

* Ignore nonsense header values instead of failing
 2018-06-29 16:27:06 -04:00
Colin O'Dell
19f2bbf52f Only use the X-Forwarded-For header if connection is from a trusted network (#15182) 
See https://github.com/home-assistant/home-assistant/issues/14345#issuecomment-400854569
 2018-06-28 09:16:11 -04:00
Robert Kiss
3921dc77a6 Add SSL peer certificate support to HTTP server (#15043) 
* adding SSL peer certificate support to HTTP server

* remove unnecessary exception block
 2018-06-26 11:44:08 -04:00
Ville Skyttä
b92350fb55 Lint cleanup (#15103) 
* Remove unneeded inline pylint disables

* Remove unneeded noqa's

* Use symbol names instead of message ids in inline pylint disables
 2018-06-25 13:05:07 -04:00
Paulus Schoutsen
5ec7fc7ddb Backend tweaks to make authorization work (#14339) 
* Backend tweaks to make authorization work

* Lint

* Add test

* Validate redirect uris

* Fix tests

* Fix tests

* Lint
 2018-05-10 10:38:11 +02:00
Paulus Schoutsen
cdd45e7878 Foundation for users (#13968) 
* Add initial user foundation to Home Assistant

* Address comments

* Address comments

* Allow non-ascii passwords

* One more utf-8 hmac compare digest

* Add new line
 2018-05-01 18:20:41 +02:00
Fabian Affolter
e01a0f91d6 Upgrade aiohttp_cors to 0.7.0 (#13289) 2018-03-17 17:37:53 +01:00
Paulus Schoutsen
0a2e949e0a Remove crazy JSON encoding things that are no longer used (#13029) 
Catch JSON encoding errors in HTTP view
 2018-03-12 23:22:08 +01:00
Boyi C
321eb2ec6f Move HomeAssistantView to separate file. Convert http to async syntax. [skip ci] (#12982) 
* Move HomeAssistantView to separate file. Convert http to async syntax.

* pylint

* websocket api

* update emulated_hue for async/await

* Lint
 2018-03-08 17:51:49 -08:00
Paulus Schoutsen
6a5c7ef43f
Upgrade to aiohttp 3 (#12921) 
* Upgrade aiohttp to 3.0.6

* Fix tests

* Fix aiohttp client stream test

* Lint

* Remove drain
 2018-03-05 13:28:41 -08:00