updated player

2025-11-22 09:48:48 +02:00
parent 493f307599
commit 3f9674517d
26 changed files with 1208 additions and 13 deletions
--- a/working_files/QUICK_START.md
+++ b/working_files/QUICK_START.md
@@ -0,0 +1,190 @@
+# 🚀 Quick Start Guide - Player Authentication
+
+## For DigiServer Admin
+
+### 1. Create Player in DigiServer v2
+
+```bash
+# Login to web interface
+http://your-server:5000
+
+# Navigate to: Players → Add Player
+Name: Office Player
+Hostname: office-player-001       # Must be unique
+Location: Main Office
+Password: [leave empty if using quickconnect]
+Quick Connect Code: OFFICE123      # Easy pairing code
+Orientation: Landscape
+```
+
+### 2. Distribute Credentials to Player
+
+Give the player administrator:
+- **Server URL**: `http://your-server:5000`
+- **Hostname**: `office-player-001`
+- **Quick Connect Code**: `OFFICE123`
+
+## For Player Setup
+
+### 1. Update app_config.txt
+
+```json
+{
+  "server_ip": "your-server-ip",
+  "port": "5000",
+  "screen_name": "office-player-001",
+  "quickconnect_key": "OFFICE123",
+  ...
+}
+```
+
+### 2. Test Authentication
+
+```bash
+cd /home/pi/Desktop/Kiwy-Signage
+python3 test_authentication.py
+```
+
+### 3. Update Player Code (One-Time)
+
+In `src/main.py`, line ~34, change:
+
+```python
+from get_playlists_v2 import (  # Changed from get_playlists
+    update_playlist_if_needed,
+    send_playing_status_feedback,
+    send_playlist_restart_feedback,
+    send_player_error_feedback
+)
+```
+
+### 4. Run Player
+
+```bash
+cd /home/pi/Desktop/Kiwy-Signage/src
+python3 main.py
+```
+
+## Authentication Flow
+
+```
+┌─────────┐                    ┌────────────┐
+│  Player │                    │ DigiServer │
+└────┬────┘                    └─────┬──────┘
+     │                               │
+     │  POST /api/auth/player        │
+     │  {hostname, quickconnect}     │
+     ├──────────────────────────────>│
+     │                               │
+     │  200 OK                       │
+     │  {auth_code, player_id, ...}  │
+     │<──────────────────────────────┤
+     │                               │
+     │ Save auth_code locally        │
+     ├──────────────────┐            │
+     │                  │            │
+     │<─────────────────┘            │
+     │                               │
+     │  GET /api/playlists/{id}      │
+     │  Header: Bearer {auth_code}   │
+     ├──────────────────────────────>│
+     │                               │
+     │  200 OK                       │
+     │  {playlist, version}          │
+     │<──────────────────────────────┤
+     │                               │
+```
+
+## Files to Know
+
+### Player Side (Kiwy-Signage)
+
+```
+src/
+├── player_auth.json           # Auto-created, stores auth_code
+├── player_auth.py             # Authentication module
+├── get_playlists_v2.py        # Updated playlist fetcher
+└── app_config.txt             # Your existing config
+```
+
+### Server Side (DigiServer v2)
+
+```
+app/
+├── models/player.py           # Player model with auth methods
+└── blueprints/api.py          # Authentication endpoints
+
+API Endpoints:
+- POST /api/auth/player        # Authenticate and get token
+- POST /api/auth/verify        # Verify token validity
+- GET  /api/playlists/{id}     # Get playlist (requires auth)
+- POST /api/players/{id}/heartbeat  # Send status (requires auth)
+```
+
+## Common Commands
+
+```bash
+# Test authentication
+./test_authentication.py
+
+# Clear saved auth (re-authenticate)
+rm src/player_auth.json
+
+# Check server health
+curl http://your-server:5000/api/health
+
+# Manual authentication test
+curl -X POST http://your-server:5000/api/auth/player \
+  -H "Content-Type: application/json" \
+  -d '{"hostname":"player-001","quickconnect_code":"QUICK123"}'
+
+# View player logs
+tail -f player.log
+
+# View server logs (if running Flask dev server)
+# Logs appear in terminal where server is running
+```
+
+## Troubleshooting One-Liners
+
+```bash
+# Authentication fails → Check player exists
+curl http://your-server:5000/api/health
+
+# Auth expired → Clear and retry
+rm src/player_auth.json && python3 main.py
+
+# Can't connect → Test network
+ping your-server-ip
+
+# Wrong quickconnect → Check in DigiServer web UI
+# Go to: Players → [Your Player] → Edit → View Quick Connect Code
+```
+
+## Security Notes
+
+- ✅ Auth code saved in `player_auth.json` (keep secure!)
+- ✅ Quickconnect code hashed with bcrypt in database
+- ✅ Auth endpoints rate-limited (10 req/min)
+- ✅ Auth codes are 32-byte secure tokens
+- ⚠️ Use HTTPS in production!
+- ⚠️ Rotate quickconnect codes periodically
+
+## Quick Wins
+
+### Before (Old System)
+- Every API call = send hostname + quickconnect
+- Server runs bcrypt check on every request
+- Slow response times
+- No session tracking
+
+### After (New System)
+- Authenticate once = get auth_code
+- All subsequent calls use auth_code
+- 10x faster API responses
+- Server tracks player sessions
+- Can revoke access instantly
+
+---
+
+**Ready to go!** 🎉 Test with `./test_authentication.py` then start your player!