Dashticz - authentication branch - testers needed Topic is solved

Dashticz, alternative dashboard based on HTML, CSS, jQuery

Moderators: leecollings, htilburgs, robgeerts

Post Reply
Lokonli
Posts: 2260
Joined: Monday 29 August 2016 22:40
Target OS: Raspberry Pi / ODroid
Domoticz version:
Contact:

Dashticz - authentication branch - testers needed

Post by Lokonli »

Domoticz 2023.2 introduced additional authentication methods including an OAuth2 flow.

I've made some changes in authentication methods in Dashticz to support this.

Before I push the changes to the beta branch, I would like to ask a few of you to test the changes.

How to test?

First get the new branch information:

Code: Select all

git fetch
Then change to the authentication branch:

Code: Select all

git checkout authentication
Then just check whether Dashticz still is working.

In case you are running Domoticz 2023.2 you can also test the OAUTH2 flow.

OAuth2 test
Precondition:
Both Dashticz as well as Domoticz should be served via SSL (HTTPS). OAuth2 flow is not supported on HTTP.
Dashticz is not within the range indicated in Domoticz -> Setup -> Settings -> Security -> Trusted network. (otherwise Dashtics will get access anyway)

Then,
In Domoticz -> Setup -> More options -> Application create a new application, for instance Dashticz with password Dashticz.
In CONFIG.js remove CONFIG['user_name'] and remove CONFIG['pass_word']
In CONFIG.js add:

Code: Select all

config['client_id'] = 'Dashticz';
config['client_secret'] = 'Dashticz';
Then if you refresh Dashticz, you will see a Domoticz login window indicating that Dashticz wants to have access. If you then fill in a Domoticz username (admin) and password, Dashticz will get authenticated via the OAuth2 flow.

Advantage: you don't have to store your Domoticz username and password in the CONFIG.js file. This is a first step in making Dashticz more secure.

Note: At this moment Domoticz doesn't support the websocket interface when Dashticz is not in the Trusted network setting.So there will be no real-time updates when authenticated via OAuth or basic auth. I'm looking into how to solve this (in Domoticz)

Switching back
Just enter one of the following commands.

Return to beta:

Code: Select all

git checkout beta
Return to master:

Code: Select all

git checkout master
You will not loose any configuration settings.

Your help is appreciated.
User avatar
kiddigital
Posts: 435
Joined: Thursday 10 August 2017 6:52
Target OS: Raspberry Pi / ODroid
Domoticz version: Beta
Location: Netherlands
Contact:

Re: Dashticz - authentication branch - testers needed

Post by kiddigital »

Nice! I will test it asap.
One RPi with Domoticz, RFX433e, aeon labs z-wave plus stick GEN5, ha-bridge 5.4.0 for Alexa, Philips Hue Bridge, Pimoroni Automation Hat
One RPi with Pi foundation standard touch screen to display Dashticz
Lokonli
Posts: 2260
Joined: Monday 29 August 2016 22:40
Target OS: Raspberry Pi / ODroid
Domoticz version:
Contact:

Re: Dashticz - authentication branch - testers needed

Post by Lokonli »

testing done. Merged into beta. Deleted authentication branch.
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest