Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature]: support for authenticated API calls #15

Open
LeoSpyke opened this issue Sep 6, 2024 · 5 comments
Open

[feature]: support for authenticated API calls #15

LeoSpyke opened this issue Sep 6, 2024 · 5 comments

Comments

@LeoSpyke
Copy link

LeoSpyke commented Sep 6, 2024

Starting from version 0.14.0, Frigate introduced the support for authenticated UI and API interactions, thus deprecating the old endpoint (exposed on port 5000).

Leaving such port open is a security flaw that now can be natively solved without relying on 3rd party tools (like Authelia or other proxies) for authentication but still, this tool does not support authenticated HTTP calls yet.

Anyway, I really appreciate what you are doing, it saved my life (and home) 💪
@OldTyT
Copy link
Owner

OldTyT commented Sep 6, 2024

Hi!
Thanks for the issue.
I researched and found out that authentication is probably still in development and has not reached its endpoint.
Because:

A web server is available on port 5000 with the following endpoints.

Currently, authorization works as follows:

  • We send a POST request to the /api/login endpoint with the data {"user": "USERNAME", "password": "PASSWORD"}
  • We receive data from the server in cookies:
    2024-09-06_13-11
  • Then, using the received token in cookies, we set it in headers and make a request
    image

It's too confusing(

A request to add HTTP digest authorization has been created - blakeblackshear/frigate#13297

Therefore, I suggest waiting a couple of months and seeing what will be changed.

@LeoSpyke

@rabner rabner mentioned this issue Oct 1, 2024
Open
@pixielark pixielark mentioned this issue Oct 19, 2024
Closed
@OldTyT
Copy link
Owner

OldTyT commented Nov 9, 2024

Hurray! The description of the authorization API appeared in 0.15.0 beta 1. Docs
We are waiting...

@TheSleepySlee
Copy link

TheSleepySlee commented Jan 2, 2025
edited
Loading

Hello,

Is this the reason why I am getting this error on 0.15 beta4 from Frigate:

INFO: 2025/01/02 20:12:45 main.go:76: Authorized on account XXX_bot
2025/01/02 20:12:48 Conflict: terminated by other getUpdates request; make sure that only one bot instance is running
2025/01/02 20:12:48 Failed to get updates, retrying in 3 seconds...

EDIT: seems not related. I faced cache issue. Optional cache set to 10MB only it seems, was too small for me, update it to 300MB and now working fine.

@OldTyT
Copy link
Owner

OldTyT commented Jan 3, 2025

Hello,

Is this the reason why I am getting this error on 0.15 beta4 from Frigate:

INFO: 2025/01/02 20:12:45 main.go:76: Authorized on account XXX_bot
2025/01/02 20:12:48 Conflict: terminated by other getUpdates request; make sure that only one bot instance is running
2025/01/02 20:12:48 Failed to get updates, retrying in 3 seconds...

EDIT: seems not related. I faced cache issue. Optional cache set to 10MB only it seems, was too small for me, update it to 300MB and now working fine.

Error:

Conflict: terminated by other getUpdates request; make sure that only one bot instance is running

It's not related to this topic. This can be caused by two running bots at the same time.

@OldTyT
Copy link
Owner

OldTyT commented Jan 3, 2025

@TheSleepySlee ^^^

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@TheSleepySlee @OldTyT @LeoSpyke