Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature request]: Allow to define user authentication for websocket server #66

Closed
fragger42 opened this issue Dec 29, 2021 · 3 comments
Closed

[Feature request]: Allow to define user authentication for websocket server #66

fragger42 opened this issue Dec 29, 2021 · 3 comments
Assignees
@bropat
Labels
enhancement New feature or request

Comments

@fragger42
Copy link
Contributor

Describe the solution you'd like

The Eufy Security Websockets server allows a pretty large control over the used cameras. However, apart from setting the port and a permission limited eufy cloud user, there is no possibility to secure it. As it is also as a base for other projects I fear that security issues might arise.
Therefore, I ask for two new features:

  1. Allow to restrict the server to listen to localhost only and set this as default. This would be enough for most users to keep them reasonable safe as in most usage scenarios the client will be on the same server. I can furthermore imagine users with multiple network interfaces who also want to have a setting for the listening network interface instead of "all".
  2. Allow setting user/password for client connections to the websocket server so that it is possible to secure the websocket server in some way. However, this would break compatibility to external programs using the websocket server so it would be a good idea to make it optional.
@fragger42 fragger42 added the enhancement New feature or request label Dec 29, 2021
@fragger42 fragger42 mentioned this issue Dec 31, 2021
Merged
@fragger42
Copy link
Contributor Author

I propose the patch in my pull request to fix the first part. For the second part, I unfortunately don't have a clue on my own how to do this.

@bropat bropat self-assigned this Jan 10, 2022
bropat added a commit that referenced this issue Feb 5, 2022
@bropat
Incremented schema version to 9
00b092b 
Added new commands `setLogLevel`, `getLogLevel`, `startListeningLogs`, `stopListeningLogs` and `isMqttConnected` to Driver
Added new Driver events `mqttConnected`, `mqttDisconnected` , `logLevelChanged` and `logging`
Added new property `mqttConnected` to Driver
Added new command `calibrateLock` to Device
Added new properties `lockSettingsAutoLock`, `lockSettingsAutoLockTimer`, `lockSettingsAutoLockSchedule`, `lockSettingsAutoLockScheduleStartTime`, `lockSettingsAutoLockScheduleEndTime`, `lockSettingsOneTouchLocking`, `lockSettingsWrongTryProtection`, `lockSettingsWrongTryAttempts`, `lockSettingsWrongTryLockdownTime`, `lockSettingsScramblePasscode`, `lockSettingsSound`, `lockSettingsNotification`, `lockSettingsNotificationUnlocked` and `lockSettingsNotificationLocked` to Device
Added support for Smart Lock Touch & Wifi (T8520; #36)
Implemented feature request #66
Fixed issue #74
Fixed issue #57
Updated dependency eufy-security-client to 1.6.2
Updated dependency commander to 9.0.0
Updated dependency tslog to 3.3.1
Updated dependency ws to 8.4.2
@bropat
Copy link
Owner

bropat commented Feb 5, 2022

Implemented the first part

@bropat bropat changed the title [Feature request]: Allow to define listening address and user authentication for websocket server [Feature request]: Allow to define user authentication for websocket server Aug 25, 2022
@bropat
Copy link
Owner

bropat commented Dec 3, 2023

If you want to add authentication, add authentication middleware to your Express instance or run NGINX in front of Express instance.

@bropat bropat closed this as completed Dec 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bropat bropat

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bropat @fragger42