Consider switching to use a Python eero client to enable adding new features more easily #18
Comments
|
This uses a derivative client of that, for simplicity. If we want to expose more things, we're going to need a fairly robust rewrite. Initially it was keeping things simple and doing one thing well, lol. I support the idea, but we'll need quite a few devs to reverse engineer the APIs even further. :) |
|
Lol. Yes. Keep it simple is great!
Though the eero client has some additional functionality this last year. I’d suggest we just add whatever enhancements they introduce that make sense.
When I have time, I’m happy to eventually contribute any that I would find useful and use (like pausing family profiles)...profiles are inline with device tracking it feels so we wouldn’t be branching out too far.
Hope my documentation edits/etc were fine. I went a bit crazy editing this morning.
|
|
Out of curiosity, why the extra step for generating the eero.session using an external script vs directly configuring in YAML the eero username & password (using HA secrets model)? This extra step just makes it a bit harder to install (at least for those who want to add as an add-on or may not be installing via the command line)...for a potentially very minimal (if any) security increase. |
|
The session key that comes out of that script gets updated periodically during the polling of the API. Traditionally it would go into the YAML but it's a big security issue if the app is writing/updating to the YAML on your behalf. Let alone it could create an overwrite condition where I write over top of your changes with a stale copy if we're updating the file at the same time. It's far from ideal, but it's the closest I could come up with given the design of the API and HA :( |
|
Sorry, I meant having the username and password in the YAML (with the
password in secrets.yaml). When eero starts up, it would generate a new
session key by logging in. Most other modules I see login upon startup,
with password recommended to be stored in secrets.yaml.
…On Tue, Jan 14, 2020 at 4:22 PM jrlucier ***@***.***> wrote:
The session key that comes out of that script gets updated periodically
during the polling of the API. Traditionally it would go into the YAML but
it's a big security issue if the app is writing/updating to the YAML on
your behalf. Let alone it could create an overwrite condition where I write
over top of your changes with a stale copy of we're hosting the file at the
same time.
It's far from ideal, but it's the closest I could come up with given the
design of the API and HA :(
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#18?email_source=notifications&email_token=AAQY4XH2BSAPNEGLMMJPL6DQ5ZJL7A5CNFSM4KD5MIRKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEI6TP4Y#issuecomment-574437363>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAQY4XEOA264UQC3VYIUO63Q5ZJL7ANCNFSM4KD5MIRA>
.
|
|
Eero requires secondary validation via email or phone number (2 factor authentication) to validate a login. There's no support in HA for an interactive login. So the init script will request a login to eero given your phone or email, and they'll SMS/email you a confirmation pin which you then give it to get the initial session token. |
|
I wonder if this is something that can be added to a config_flow within Home Assistant, so that the confirmation PIN can be entered in the Home Assistant UI. |
|
I remember that device tracker for Apple iCloud asks for a code using HA UI. It might be an option to this interactive login issue. Hope it helps. [
|
Depends on whether these start being actively developed.
For example, see:
https://github.com/343max/eero-client
The text was updated successfully, but these errors were encountered: