how does the server identify that the user has logged in to decide whether to serve the page or not? is it cookies? I thought a site had to at least load to get hold of that data but I guess have to be wrong
I think it first tries to authenticate you using an existing token. If it does not work, it will go to login to check your credentials and generate new token. So you does not login each time, the browser does not send your username/password/MFA. Server keeps a list of valid tokens in /profile/security. And when you authenticate, the browser and server exchange encrypted messages to validate the token.
@@shailukov7440 No, it will work for local reverse proxy too, but you will have to configure that (YAML). It will apparently still make some time, it is rather complex, they need to make significant changes to the mobile apps.
Hello Václav, thank you for another great video. My configuration is based on NGINX Reverse Proxy. As you mentioned in the video, did you test this functionality without Nabu Casa - configuration required directly in configuration.yaml? Thanks for your tip!
I personally don't think this is that big of a deal especially since I have a randomly generated password and two factor turn on my home assistant account. However more security options is never a bad thing.
As long as a normal remote free access to HA without needing geeky router configs and dynamic DNS and/or paying a proprietary nabu casa service, this topic is useless really. I personally stopped using HA for this inexistent remote access feature.
Last minute change, this will not be included in 2024.5.0, it is pulled back from the beta, and will come in a later release. Sorry!
I apologize if you already talked about it, but how about Cloudflare tunnels?
how does the server identify that the user has logged in to decide whether to serve the page or not? is it cookies?
I thought a site had to at least load to get hold of that data but I guess have to be wrong
I think it first tries to authenticate you using an existing token. If it does not work, it will go to login to check your credentials and generate new token. So you does not login each time, the browser does not send your username/password/MFA. Server keeps a list of valid tokens in /profile/security. And when you authenticate, the browser and server exchange encrypted messages to validate the token.
Interesting to see when it will be published.
Does it means that it will work for home assistant cloud only?
@@shailukov7440 No, it will work for local reverse proxy too, but you will have to configure that (YAML). It will apparently still make some time, it is rather complex, they need to make significant changes to the mobile apps.
@bruxy70 what is the difference between webui to the mobile app connection?
@@shailukov7440 They switch between local access and internet. This is where the issue is. When you left home, the mobile app stopped working.
Great information. Thanks!
Thanks for sharing.
Hello Václav, thank you for another great video. My configuration is based on NGINX Reverse Proxy. As you mentioned in the video, did you test this functionality without Nabu Casa - configuration required directly in configuration.yaml? Thanks for your tip!
I personally don't think this is that big of a deal especially since I have a randomly generated password and two factor turn on my home assistant account. However more security options is never a bad thing.
As long as a normal remote free access to HA without needing geeky router configs and dynamic DNS and/or paying a proprietary nabu casa service, this topic is useless really. I personally stopped using HA for this inexistent remote access feature.