-
|
Is it possible to use the triple-md5 hashed value in docker-compose instead of the actual password for WYZE_PASSWORD to authenticate with the Wyze API? It seems odd/insecure to store the raw password. That is how it is described in the Wyze API login instructions, and is also how wyze-bridge is authenticating the user in docker-wyze-bridge/app/wyzecam/api.py function
|
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Keep in mind that most of the codebase predates the creation of the official Wyze API authentication endpoint, and Wyze has also modified their hashing methods in the past. I pushed some changes to allow pre-hashed password. You can now pass the hashed password by using the following format in your docker-compose file: WYZE_PASSWORD=hashed:your-tripple-hashed-password |
Beta Was this translation helpful? Give feedback.
-
|
Thank you @mrlt8. I have changed my configuration, and it appears to be working. Here is a sample shell script if anyone would like to generate the hashed format for their password. #!/bin/bash
# Remove the -s arg if you'd like to display the password as typed into the console.
read -s -p 'Enter password to be hashed: ' password
# Apply MD5 hash 3 times
for i in {1..3}; do
password=$(printf '%s' $password | md5sum | sed 's/ .*//')
done
echo -e '\n\nOutput:'
echo WYZE_PASSWORD=hashed:$password
echo |
Beta Was this translation helpful? Give feedback.
Keep in mind that most of the codebase predates the creation of the official Wyze API authentication endpoint, and Wyze has also modified their hashing methods in the past.
I pushed some changes to allow pre-hashed password. You can now pass the hashed password by using the following format in your docker-compose file:
WYZE_PASSWORD=hashed:your-tripple-hashed-password