Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to retrieve API token since v4.0.0 #99

Open
CodeFinder2 opened this issue Sep 16, 2019 · 15 comments
Open

Unable to retrieve API token since v4.0.0 #99

CodeFinder2 opened this issue Sep 16, 2019 · 15 comments

Comments

@CodeFinder2
Copy link

@CodeFinder2 CodeFinder2 commented Sep 16, 2019

Problem/Motivation

I am using this switch to temporarily disable pihole blocking which uses curl and the authentication token:
https://community.home-assistant.io/t/pi-hole-switch/22004/26

After upgrading pihole to v4.0.0, this doesn't work anymore. The sensor still works fine but this does not use (?) the same interface (I assume).

Expected behavior

Any way to get the API token or to gain access to PiHole's status and enabling/disabling it via curl or the like would do.

Actual behavior

When trying to get the token underMenu, Settings > API / Web interface > Show API token > Yes, show API token just displays "No password set". But no token.

Steps to reproduce

Install pihole and try to get the token, see above.

Home Assistant Community
yes it works: pihole_enable: curl -X GET 'http://LOCALIP:PORT/admin/api.php?enable&auth=AUTH' LOCALIP… Local Ip of your Hassio PORT: can be set within pi hole addon at --> “admin_port”: XXXX, AUTH: that was the “tricky” part. make a backup of your pihole addon (or complete Hassio Snapshot) Download this backup -> tar file open the file with 7zip (WINRAR doenst work for me) find the following file within “pihole”: setupVars.conf open it… here you will find the line WEBPASSWORD. This is you...
@addons-assistant

This comment has been minimized.

Copy link

@addons-assistant addons-assistant bot commented Sep 16, 2019

👋 Thanks for opening your first issue here! If you're reporting a 🐛 bug, please make sure you include steps to reproduce it. Also, logs, error messages and information about your hardware might be usefull.

@sinclairpaul

This comment has been minimized.

Copy link
Contributor

@sinclairpaul sinclairpaul commented Sep 17, 2019

You shouldn't need the token anymore try using localhost:4865 as the server/port. If it fails still it may need a new release.

Edit - curl -X GET 'http://localhost:4865/admin/api.php?enable

@CodeFinder2

This comment has been minimized.

Copy link
Author

@CodeFinder2 CodeFinder2 commented Sep 17, 2019

Thanks for your quick reply! Unfortunately, this still doesn't work. I simply removed the "&auth=MY_OLD_TOKEN" part in my curl commands but they do not have any effect.

More ideas? What do you mean with 'it may need a new release', what precisely needs a new release? This addon? 🙈

Thanks again! :-)

Edit: regarding your edit, yes this is exactly the command I have used. :(

@sinclairpaul

This comment has been minimized.

Copy link
Contributor

@sinclairpaul sinclairpaul commented Sep 17, 2019

#90 Should fix it, just need to wait a bit for it 😄

From when I tested I believe curl -X GET 'http://localhost:4865/admin/api.php' would work and get the status, but the enable/disable would fail.

@CodeFinder2

This comment has been minimized.

Copy link
Author

@CodeFinder2 CodeFinder2 commented Sep 17, 2019

Exactly, status works but enable/disable does not. 🙈

@nickdos

This comment has been minimized.

Copy link

@nickdos nickdos commented Oct 23, 2019

I'm also trying to get this to work. FYI here's the use-case: https://www.reddit.com/r/pihole/comments/bvq5aq/pihole_quick_enabledisable_toggle_for_apples_ios/

reddit
I wanted a quick and easy way to toggle my Pi-hole on/off from my phone when needed, so I made a simple iOS Shortcut to take advantage of the API....
@sinclairpaul

This comment has been minimized.

Copy link
Contributor

@sinclairpaul sinclairpaul commented Oct 23, 2019

Please wait for the next release in which the issue should be resolved.

@desiredbean

This comment has been minimized.

Copy link

@desiredbean desiredbean commented Oct 24, 2019

For my use that works for status but not turning on and off, to turn off I use curl -X GET 'http://localhost:4865/admin/api.php?disable=3600&auth=' I just removed the API token and it worked for me.

@CodeFinder2

This comment has been minimized.

Copy link
Author

@CodeFinder2 CodeFinder2 commented Nov 26, 2019

Please wait for the next release in which the issue should be resolved.

Any plans for a new release yet?

@wyx087

This comment has been minimized.

Copy link

@wyx087 wyx087 commented Dec 27, 2019

Inspired by the curl URL, I've found you can use the following configuration for HA:

pi_hole:
  host: localhost:4865
  api_key: ""

I've successfully ran pi_hole.disable and .enable from HA to control the pi-hole HassIO addon.

So perhaps a minor documentation change is all that's needed.
Add the api_key: "" line in this section.

@CodeFinder2 CodeFinder2 changed the title Unable to retrieve API zoken since v4.0.0 Unable to retrieve API token since v4.0.0 Dec 28, 2019
@CodeFinder2

This comment has been minimized.

Copy link
Author

@CodeFinder2 CodeFinder2 commented Dec 31, 2019

Thanks @wyx087, that's working for me as well (see also here)!

Nonetheless and IMHO, this is considered a bug so it should be fixed as stated by sinclairpaul.

whattheschnell added a commit to whattheschnell/home-assistant.io that referenced this issue Jan 3, 2020
whattheschnell added a commit to whattheschnell/home-assistant.io that referenced this issue Jan 3, 2020
@whattheschnell whattheschnell mentioned this issue Jan 3, 2020
2 of 2 tasks complete
@alderete

This comment has been minimized.

Copy link

@alderete alderete commented Jan 15, 2020

While I am also able to disable the Pi-Hole addon by using the auth='' (empty token) trick, I can do that from any machine on my network. That seems like a security issue.

Any movement on making it possible to set a password for the Pi-Hole addon, so that there's a real API token?

@sinclairpaul

This comment has been minimized.

Copy link
Contributor

@sinclairpaul sinclairpaul commented Jan 15, 2020

The challenge is around allowing ingress access, and meeting the app security.

#114

This PR would enforce API access from HA/localhost only.

@alderete

This comment has been minimized.

Copy link

@alderete alderete commented Jan 15, 2020

I get that it's a tricky technical challenge. :-)

But, I don't think the right solution is to restrict API access to Home Assistant-only. That would mean that I can only use Home Assistant to enable/disable, which is quite limiting.

For example, I have an iOS app called PHRemote that gives a nice, simple interface for disabling for various lengths of time. And there's a project on GitHub for a similar app, that I've thought about hacking on for my own enjoyment, to have absolute control over the UX.

I get that I can customize my Home Assistant user interface to give me a similarly simple UX. But I'm not the only user on my network, and getting the other residents of the house to use the Home Assistant app, or connect to the web interface, is not a simple undertaking. And blocking them from their Internet memes and other stuff is not going to go over well. I gotta have something simple to offer them.

@sinclairpaul

This comment has been minimized.

Copy link
Contributor

@sinclairpaul sinclairpaul commented Jan 15, 2020

From the PR May be worth considering making this configurable in the use case of controlling Pi-Hole external to HA?

Please consider that we get numerous requests from different users, in this case, we could enable API token usage again, but you will then also be prompted to login to the application, which then means moving the authentication to ingress becomes invalid.

Unfortunately it really isn't possible to please 100% of the people 100% of the time 😉

PS - I don't believe that Ad guard home has these issues.....

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.