ske087/location_managemet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add HMAC-SHA256 API authentication to board drivers and edit UI

Browse Source 
- Both olimex_esp32_c6_evb and olimex_esp32_c6_evb_pn532 drivers now
  sign every API request with X-Request-Time / X-Request-Sig headers
  using HMAC-SHA256(api_secret, METHOD:path:unix_timestamp)
- Board model gains api_secret column (nullable, default None)
- boards.py edit route saves api_secret from form
- edit.html adds API Secret input with cryptographic Generate button
- If api_secret is empty/None, headers are omitted (backward compat)
This commit is contained in:
scheianu
2026-03-15 12:33:45 +02:00
parent 1152f93a00
commit 36de1623c2
5 changed files with 117 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/models/board.py
View File

@@ -43,6 +43,11 @@ class Board(db.Model):
# Extra driver-specific config (JSON) e.g. eWeLink credentials/token
config_json = db.Column(db.Text, default="{}")
# HMAC-SHA256 shared secret for API request authentication.
# Must match API_SECRET defined in the board firmware's secrets.h.
# Leave None/empty to disable authentication (open access).
api_secret = db.Column(db.String(128), nullable=True, default=None)
# ── relationships ────────────────────────────────────────────────
workflows_trigger = db.relationship(
"Workflow", foreign_keys="Workflow.trigger_board_id",