resource/mqtt: add optional username/password for MQTT authentication#1834
Conversation
|
We can add this, however the username and password will be globally exposed for all users that can access the coordinator, so this does not add much security. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #1834 +/- ##
======================================
Coverage 45.4% 45.4%
======================================
Files 177 177
Lines 13863 13869 +6
======================================
+ Hits 6300 6306 +6
Misses 7563 7563
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| host = attr.ib(validator=attr.validators.instance_of(str)) | ||
| avail_topic = attr.ib(validator=attr.validators.instance_of(str)) | ||
| username = attr.ib(default="", validator=attr.validators.instance_of(str)) | ||
| password = attr.ib(default="", validator=attr.validators.instance_of(str)) |
There was a problem hiding this comment.
We should use None instead of an empty string here if no password is set.
There was a problem hiding this comment.
Any specific reason why the empty string would not work just as well? I chose the empty string to simplify the {host}:{username}:{password} logic
True, but that is the general situation with labgrid, right? |
Even without a strong security guarantee, there may be use cases where unauthenticated MQTT is disabled, E.G.:
I am personally in the 2nd group ;) |
70192bb to
7c0cfd5
Compare
|
Changes since v1:
|
Some setups do not allow unauthenticated MQTT access, so add optional username and password arguments to TasmotaPowerPort. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
7c0cfd5 to
022f552
Compare
|
Rebased on current master for consistency. |
|
@Emantor great, anything else missing before this can be merged? |
No, CI hadn't run when I approved. Thanks for the contribution. |
Description
Some setups do not allow unauthenticated MQTT access, so add optional username and password arguments to TasmotaPowerPort.
Checklist