HTTP Authentication!

I finally got around to putting in a bit of security. Now people can’t just go around rebooting, shutting down or changing the settings on my Sensors. I have worked Basic HTTP Authorization into the programs. However, due to myself wanting to keep more information open, I have only added required authentication on things that could change what the sensors doing at the time. AKA you can get all sensor readings without logging in and even most configurations, but you can’t change any configurations or see the WiFi settings without logging in.
The Control Center program also now supports the Authentication and uses it by default in any commands sent. The user and password can be changed in both programs.
To make the program communication actually secure, I would have to enable HTTPS as well, because the password is sent in clear text over HTTP … but that’s where a problem occurs because if the DateTime is wrong on the sensor (by default they don’t keep track of time when powered off), the HTTPS won’t work… I’ll probably add it later anyway, but I’ll have to see if I can at least get the Control Center to ignore invalid certificate’s so one can at least sync the time correctly… I’ll have to think a bit more about that… Maybe I can just do 3rd party encryption on the password before sending it … yeah, I’ll have to think about that one more.

In other news, I had to make a few changes with the new Plotly 4.0 out as well as a new matplotlib module. The Plotly one was fairly easy but the matplotlib seems to freeze up my program now when doing plots (plot works fine, but can’t do anything else while it plots). I’ll have to do a bit more research and play around with it to get that proper again since it was nice being able to check other aspects and sensors during a live graph.

Since I do a lot of sensor reports, I re-worked the main screen to have a drop-down selector for the reports and database download. I don’t like the layout but I do like the convenience. I also changed the sensor commands to drop-down menu’s as well to help with the cluttered button arrangement. I’m still not sure I super like the overall look and feel … so I guess I’ll have to add GUI design to my research “ToDo” list.

I suppose my next bit of poking will be to bring some of the control center features into the web app itself, so more can be done without the control center. A few cool things to add would be a web-based SSH terminal to the local unit, the ability to edit the local configuration files and creating an offline Plotly graph right from the sensor.

Until next time!

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>