Cache Auth Token #83
Comments
I am not aware of any secure caching functionality right now in HomeAssistant. Although I guess the Wiener Netze API offers to renew a particular token by using the refresh token alongside the access token, we cannot really persist them in HA, I fear. |
Okay, but also username and password are stored? Can we not just use the same approach? |
Oh, you're right. I forgot. Yes, we could. The only thing left to check is how
we could renew a token. For that we would have to potentially wait for the
session to renew itself in the browser and check the calls made in the
tools.
On Wed, Mar 29, 2023, 14:41 reox ***@***.***> wrote:
Okay, but also username and password are stored? Can we not just use the
same approach?
|
Maybe it is a good idea to switch to a proper OpenID-Connect library, which can handle all these things. I also checked the token response, they are valid for 300 seconds, and the refresh token for 1800s (30min). I guess the website sets a cookie with a longer lifespan? |
Regarding OpenID: that would be for sure the more stable solution, though we are assuming that log.wien correctly implemented it according to the standard. Regarding the token: Home Assistant does not provide, afaik, the possibility to launch separate scheduled tasks other than the update lifecycle. What we could do is reduce the update cycle to happen < 30min and first use the refresh token and, if that fails, as a fallback the credentials login, and update the sensors merely every 2nd-3rd time. What do you think @reox? |
The question is also if we are acting according to any standard :D
Or even reduce it to 5min and just update the API every half an hour. I implemented something similar with the statistics, to only query after 24h after the last imported stat, even if the update function is called more often. |
For sure not. But in my experience, OpenID is often not implemented according to the standard. Just to keep that in mind when integrating into an external system.
|
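The fallback order discussed in the comments above (reuse the access token, then the refresh token, then a full credentials login), as an added example that is not code from this project. The `login` and `refresh` callables, the `expires_in` / `refresh_expires_in` response fields and the 30-second safety margin are assumptions; tokens are held in memory only and never written to disk or logs.

```python
import time
from dataclasses import dataclass


class RefreshFailed(Exception):
    """Raised by the (hypothetical) refresh callable when the refresh token is rejected."""


@dataclass
class TokenSet:
    access_token: str
    refresh_token: str
    access_expires_at: float
    refresh_expires_at: float


class TokenCache:
    """In-memory token cache: access token -> refresh token -> credentials login."""

    def __init__(self, login, refresh, clock=time.monotonic, skew=30.0):
        self._login = login      # assumed: () -> token response dict
        self._refresh = refresh  # assumed: (refresh_token) -> token response dict
        self._clock = clock      # monotonic clock, immune to wall-clock jumps
        self._skew = skew        # treat tokens as expired this many seconds early
        self._tokens = None

    def _store(self, resp):
        now = self._clock()
        self._tokens = TokenSet(
            resp["access_token"],
            resp["refresh_token"],
            now + resp["expires_in"],           # 300 s per the thread
            now + resp["refresh_expires_in"],   # 1800 s per the thread
        )

    def get_access_token(self):
        now, t = self._clock(), self._tokens
        if t and now < t.access_expires_at - self._skew:
            return t.access_token               # still valid: no network call
        if t and now < t.refresh_expires_at - self._skew:
            try:
                self._store(self._refresh(t.refresh_token))
                return self._tokens.access_token
            except RefreshFailed:
                self._tokens = None             # drop rejected tokens, fall through
        self._store(self._login())              # last resort: full credentials login
        return self._tokens.access_token
```

Injecting the clock keeps the expiry logic testable without waiting for real token lifetimes.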
I had a look at what is taking so long during login. It is actually the fetching of the API keys from the JavaScript files. |
there you have a point. We could download and cache the keys (by downloading the html-file -> js-files -> api keys) if
and use the cached one as long as it doesn't fail to login due to invalid keys |
I thought about that too. Probably would have to check in the |
yes, see #289 (comment) seems like they are doing many things with the login right now. Blocking it, etc... |
Right now, the API is logged in every time it is triggered. However, I think the token can be used for a much longer time than 15min.
Is it possible to store it and re-use it for a longer time?