I've made some changes in authentication methods in Dashticz to support this.
Before I push the changes to the beta branch, I would like to ask a few of you to test the changes.
How to test?
First get the new branch information:
Code: Select all
git fetch
Code: Select all
git checkout authentication
In case you are running Domoticz 2023.2 you can also test the OAUTH2 flow.
OAuth2 test
Precondition:
Both Dashticz as well as Domoticz should be served via SSL (HTTPS). OAuth2 flow is not supported on HTTP.
Dashticz is not within the range indicated in Domoticz -> Setup -> Settings -> Security -> Trusted network. (otherwise Dashtics will get access anyway)
Then,
In Domoticz -> Setup -> More options -> Application create a new application, for instance Dashticz with password Dashticz.
In CONFIG.js remove CONFIG['user_name'] and remove CONFIG['pass_word']
In CONFIG.js add:
Code: Select all
config['client_id'] = 'Dashticz';
config['client_secret'] = 'Dashticz';
Advantage: you don't have to store your Domoticz username and password in the CONFIG.js file. This is a first step in making Dashticz more secure.
Note: At this moment Domoticz doesn't support the websocket interface when Dashticz is not in the Trusted network setting.So there will be no real-time updates when authenticated via OAuth or basic auth. I'm looking into how to solve this (in Domoticz)
Switching back
Just enter one of the following commands.
Return to beta:
Code: Select all
git checkout beta
Code: Select all
git checkout master
Your help is appreciated.