Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to use the app with REVERSE_PROXY_AUTH #67

Open
zjean opened this issue Mar 19, 2024 · 1 comment
Open

How to use the app with REVERSE_PROXY_AUTH #67

zjean opened this issue Mar 19, 2024 · 1 comment

Comments

@zjean
Copy link

zjean commented Mar 19, 2024

Hi,
I am using the baby buddy web app configured with the REVERSE_PROXY_AUTH setting, to use my Authelia user header.
How can I use this with the mobile app as well? It would need to know how to sign in to Authelia, and extract the header, I guess.
Any ideas how I could setup this?
Thanks for this great app!

@MrApplejuice
Copy link
Collaborator

MrApplejuice commented Mar 20, 2024

Hello! First of all let me say that your setup seems to be very cool and advanced. I assume that you had to use a custom Django-config for this to work as well, is that correct?

Second, I unfortunately must say that I am not properly equipped to answer your question. I do not know how Authelia is handling authentication exactly and if the regular baby buddy authentication still is in-place? Normally, the app uses the username/password combo to do an initial login and then scrape the baby-buddy apptoken which then is used to access the app in the future.

The app does not (appear) to offer entering the apptoken directly, however, the QR-code scanner actually does this! So this is, if token authentication is still working for you(?), probably your best bet:

You could even manufacture your own QR code if you can provide some other means of authentication that is compatible with the babybuddy API access. The QR code is very much readable (JSON-)text. Here an example from my testservers:

BABYBUDDY-LOGIN:{"url":"http://localhost:9002/","api_key":"499856ac563097b26a161215f12e5913eb78637e","session_cookies":{}}

api_key is used for the traditional auth-header:

Authorization: Token 499856ac563097b26a161215f12e5913eb78637e

session_cookies is a bit of a crutch to allow the app to authenticate with homeassistant-ingress_servers. Kind of a crutch. But you can supply arbitrary cookies in that section which then will be sent alongside the Authorization header.

So, what I suggest is that you can try and populate your own QR-code here with the correct tokens etc and then try to login that way! I think it is unlikely at this point that I will have time or motivation to support a specialized authentication system that does not ship with babybuddy by default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants