d1a621601d
No more opt-out auth ( #18854 )
...
* No more opt-out auth
* Fix var
2018-12-02 16:32:53 +01:00
df21dd21f2
RFC: Call services directly ( #18720 )
...
* Call services directly
* Simplify
* Type
* Lint
* Update name
* Fix tests
* Catch exceptions in HTTP view
* Lint
* Handle ServiceNotFound in API endpoints that call services
* Type
* Don't crash recorder on non-JSON serializable objects
2018-11-30 21:28:35 +01:00
d014517ce2
Always set hass_user ( #18844 )
2018-11-30 17:32:47 +01:00
a2386f871d
Forbid float NaN in JSON ( #18757 )
2018-11-28 13:25:23 +01:00
c2f8dfcb9f
Legacy api fix ( #18733 )
...
* Set user for API password requests
* Fix tests
* Fix typing
2018-11-27 10:41:44 +01:00
8b8629a5f4
Add permission checks to Rest API ( #18639 )
...
* Add permission checks to Rest API
* Clean up unnecessary method
* Remove all the tuple stuff from entity check
* Simplify perms
* Correct param name for owner permission
* Hass.io make/update user to be admin
* Types
2018-11-25 18:04:48 +01:00
1341ecd2eb
Use proper signals ( #18613 )
...
* Emulated Hue not use deprecated handler
* Remove no longer needed workaround
* Add middleware directly
* Dont always load the ban config file
* Update homeassistant/components/http/ban.py
Co-Authored-By: balloob <paulus@home-assistant.io>
* Update __init__.py
2018-11-21 20:55:21 +01:00
312d49caec
Allow creating signed urls ( #17759 )
...
* Allow creating signed urls
* Fix parameter
* Lint
2018-10-25 16:44:57 +02:00
2e6346ca43
Break up websocket 2 ( #17028 )
...
* Break up websocket 2
* Lint+Test
* Lintttt
* Rename
2018-10-01 16:09:31 +02:00
50fb59477a
Store notifications in component. Add ws endpoint for fetching. ( #16503 )
...
* Store notifications in component. Add ws endpoint for fetching.
* Comments
2018-09-11 11:39:30 +02:00
376d4e4fa0
Warning missed a space ( #16233 )
2018-08-28 09:32:50 +02:00
9d491f5322
Change auth warning ( #16216 )
2018-08-27 10:37:03 +02:00
24a8d60566
Tweak log level for bearer token warning ( #16182 )
2018-08-25 07:57:36 +02:00
dd9d53c83e
Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0 ( #14557 )
...
* Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0
* Pydocstyle D401 fixes
2018-08-24 10:28:43 +02:00
7bb5344942
Remove homeassistant.remote ( #16099 )
...
* Remove homeassistant.remote
* Use direct import for API
* Fix docstring
2018-08-21 15:49:58 +02:00
121abb450a
Use aiohttp web.AppRunner ( #16020 )
...
* Use aiohttp web.AppRunner
* Stop site
2018-08-20 14:03:35 +02:00
dbd0763f83
Grammar and spelling fixes ( #16065 )
2018-08-19 22:29:08 +02:00
e776f88eec
Use JWT for access tokens ( #15972 )
...
* Use JWT for access tokens
* Update requirements
* Improvements
2018-08-14 21:14:12 +02:00
6540d2e073
Switch to intermediate Mozilla cert profile ( #15957 )
...
* Allow choosing intermediate SSL profile
* Fix tests
2018-08-14 08:20:17 +02:00
da8f93dca2
Add trusted networks auth provider ( #15812 )
...
* Add context to login flow
* Add trusted networks auth provider
* source -> context
2018-08-13 12:40:06 +02:00
272be7cdae
Remove remote.API from core.Config ( #15951 )
...
* Use core.ApiConfig replace remote.API in core.Config
* Move ApiConfig to http
2018-08-13 09:26:20 +02:00
6f2000f5e2
Make sure use_x_forward_for and trusted_proxies must config together ( #15804 )
...
* Make sure use_x_forward_for and trusted_proxies must config together
* Fix unit test
2018-08-03 13:52:34 +02:00
c7f4bdafc0
Context ( #15674 )
...
* Add context
* Add context to switch/light services
* Test set_state API
* Lint
* Fix tests
* Do not include context yet in comparison
* Do not pass in loop
* Fix Z-Wave tests
* Add websocket test without user
2018-07-28 17:53:37 -07:00
b2f4bbf93b
Only log change to use access token warning once ( #15690 )
2018-07-27 15:53:46 +02:00
169c8d793a
Fix CORS duplicate registration ( #15670 )
2018-07-25 11:36:44 +02:00
d7690c5fda
Add ipban for failed login attempt in new login flow ( #15551 )
...
* Add ipban for failed login attempt in new login flow
* Address review comment
* Use decorator to clean up code
2018-07-24 10:09:52 +02:00
b7c336a687
Pylint cleanups ( #15626 )
...
* Pylint 2 no-else-return fixes
* Remove unneeded abstract-class-not-used pylint disable
2018-07-23 10:16:05 +02:00
f1286f8e6b
Reset failed login attempts counter when login success ( #15564 )
2018-07-20 12:09:48 +02:00
2f7b79764a
More pylint 2 fixes ( #15565 )
...
## Description:
More fixes flagged by pylint 2 that don't hurt to have before the actual pylint 2 upgrade (which I'll submit soon).
## Checklist:
- [ ] The code change is tested and works locally.
- [x] Local tests pass with `tox`. **Your PR cannot be merged unless tests pass**
2018-07-20 11:45:20 +03:00
2a76a0852f
Allow CORS requests to token endpoint ( #15519 )
...
* Allow CORS requests to token endpoint
* Tests
* Fuck emulated hue
* Clean up
* Only cors existing methods
2018-07-19 08:37:00 +02:00
ad4cba70a0
Extract SSL context creation to helper ( #15483 )
...
* Extract SSL context creation to helper
* Lint
2018-07-16 10:32:07 +02:00
ed0cfc4f31
Add user via cmd line creates owner ( #15470 )
...
* Add user via cmd line creates owner
* Ensure access tokens are not verified for inactive users
* Stale print
* Lint
2018-07-15 20:46:15 +02:00
70fe463ef0
User management ( #15420 )
...
* User management
* Lint
* Fix dict
* Reuse data instance
* OrderedDict all the way
2018-07-13 15:31:20 +02:00
6e3ec97acf
Include request.path in legacy api password warning message ( #15438 )
2018-07-13 09:19:13 +02:00
f874efb224
By default to use access_token if hass.auth.active ( #15212 )
...
* Force to use access_token if hass.auth.active
* Not allow Basic auth with api_password if hass.auth.active
* Block websocket api_password auth when hass.auth.active
* Add legacy_api_password auth provider
* lint
* lint
2018-06-30 22:31:36 -04:00
94b55efef3
Stop supporting deprecated TLS ciphers ( #15217 )
...
* Stop supporting deprecated TLS ciphers
* Lint
2018-06-29 17:18:44 -04:00
fd38caa287
X-Forwarded-For improvements and bug fixes ( #15204 )
...
* Use new trusted_proxies setting for X-Forwarded-For whitelist
* Only use the last IP in the header
Per Wikipedia (https://en.wikipedia.org/wiki/X-Forwarded-For#Format ):
> The last IP address is always the IP address that connects to the last proxy,
> which means it is the most reliable source of information.
* Add two additional tests
* Ignore nonsense header values instead of failing
2018-06-29 16:27:06 -04:00
19f2bbf52f
Only use the X-Forwarded-For header if connection is from a trusted network ( #15182 )
...
See https://github.com/home-assistant/home-assistant/issues/14345#issuecomment-400854569
2018-06-28 09:16:11 -04:00
3921dc77a6
Add SSL peer certificate support to HTTP server ( #15043 )
...
* adding SSL peer certificate support to HTTP server
* remove unnecessary exception block
2018-06-26 11:44:08 -04:00
b92350fb55
Lint cleanup ( #15103 )
...
* Remove unneeded inline pylint disables
* Remove unneeded noqa's
* Use symbol names instead of message ids in inline pylint disables
2018-06-25 13:05:07 -04:00
5ec7fc7ddb
Backend tweaks to make authorization work ( #14339 )
...
* Backend tweaks to make authorization work
* Lint
* Add test
* Validate redirect uris
* Fix tests
* Fix tests
* Lint
2018-05-10 10:38:11 +02:00
cdd45e7878
Foundation for users ( #13968 )
...
* Add initial user foundation to Home Assistant
* Address comments
* Address comments
* Allow non-ascii passwords
* One more utf-8 hmac compare digest
* Add new line
2018-05-01 18:20:41 +02:00
e01a0f91d6
Upgrade aiohttp_cors to 0.7.0 ( #13289 )
2018-03-17 17:37:53 +01:00
0a2e949e0a
Remove crazy JSON encoding things that are no longer used ( #13029 )
...
Catch JSON encoding errors in HTTP view
2018-03-12 23:22:08 +01:00
321eb2ec6f
Move HomeAssistantView to separate file. Convert http to async syntax. [skip ci] ( #12982 )
...
* Move HomeAssistantView to separate file. Convert http to async syntax.
* pylint
* websocket api
* update emulated_hue for async/await
* Lint
2018-03-08 17:51:49 -08:00
6a5c7ef43f
Upgrade to aiohttp 3 ( #12921 )
...
* Upgrade aiohttp to 3.0.6
* Fix tests
* Fix aiohttp client stream test
* Lint
* Remove drain
2018-03-05 13:28:41 -08:00
92aeef82ef
Enable compression when sending json to client ( #11165 )
...
* Enable compression when sending json to client
Make server compress json content when transmitting to client. Json is quite verbose and compresses well.
A real world example is history_graph requested data for in my case 4 temperature sensors updating every half a second for a graph over 10 days lead to 6MB json which compressed to 200KB using deflate compression.
* Rename variable to request
* Name the variable response instead of request
2018-02-17 21:32:08 -08:00
3fd61d8f45
Update voluputous ( #12463 )
...
* Update voluputous
* Fix http config
* Fix optional with default=None
* Optional, default=none
* Fix defaults in voluptuous schemas
* Fix tests
* Fix update error
* Lint
2018-02-17 10:29:14 +01:00
f32911d036
Cleanup http ( #12424 )
...
* Clean up HTTP component
* Clean up HTTP mock
* Remove unused import
* Fix test
* Lint
2018-02-15 22:06:14 +01:00
78c44180f4
Extract data validator to own file and add tests ( #12401 )
2018-02-14 21:06:03 +01:00
Paulus Schoutsen
Jerad Meisner
Jason Hu
Ville Skyttä
Paulus Schoutsen
Hmmbob
Colin O'Dell
Robert Kiss
Fabian Affolter
Boyi C
Joakim Plate