A few days ago my power walls updated to 20.49.0, which includes "Improved security for local gateway interface for Gateway 1 and Gateway 2". When attempting to access some of the API's, such as "api/site_info/site_name" its reporting "{"code":403,"error":"Unable to GET to resource","message":"User does not have adequate access rights"}". When logging in via the UI, the API's work, so it seems auth is now enforced. The API supports an auth attempt but the tokens only last for an hour. Does the plugin support auth somehow or does this need an update?
-
-
Powerwall plugin logs are reporting this.
10/02/2021 08:12:09
Tesla Powerwall
Error
Cannot get site master from Gateway xxx.xxx.xxx.xxx The given key 'site_name' was not present in the dictionary.
10/02/2021 08:12:09
Tesla Powerwall
Trace
Request complete with status Forbidden
10/02/2021 08:12:09
Tesla Powerwall
Trace
Requesting https://xxx.xxx.xxx.xxx/api/site_info/site_name
10/02/2021 08:12:09
Tesla Powerwall
Info
Attempting to connect to Gateway at IP "xxx.xxx.xxx.xxx"
-
That's annoying. What harm could there possibly be in exposing real-time energy metrics on the LAN? If a malicious actor is on your LAN, you probably have bigger problems...
I'll have to update the plugin to authenticate with the API.Comment
-
Thanks. I'm running HS4 on a raspberry pi. Happy to test anything if needed.Comment
-
I've added support for logging into the API and submitted the new version to the plugin updater, which is pending approval by HS.
You could download the new version directly from GitHub and try it. My Gateway hasn't updated to 20.49.0 yet so I wasn't able to test the final build, but I did try it with an endpoint that requires authentication in older firmware and it seemed to work.Comment
-
nice, looks like it works. entered my credentials and it loaded up. I'll run it overnight and see if it has any issues. Thanks!Comment
Comment