I am building software that runs locally and then connects to Luci to read and set data. I could use the user password but that isn't idea since that would complicate a password change.
Ideally there should be a way of granting a service access to Luci without using the user password. I am not sure if there is a way to easily bypass password authentication so this could be tricky.
Do you need authentication ?
If you write the file in the correct folder, it can be read without logging in through LuCI.
To add to what @frollic is saying, I do something like that. One of my servers checks the WAN connection every now and then, so to facilitate that, I just added a cgi file that the server curls. No authentication at all.
$ cat /www/cgi-bin/netstats
#!/bin/sh
echo 'Content-Type: application/json'
echo ''
ubus call network.interface dump
Over on the server, some Python code contains this:
status, output = run_cmd('curl -sk https://router-ip/cgi-bin/netstats')
if status == 0:
iface_data = json.loads(output)
I'm looking to get access to the full RPC api so I don't think that will work. Also it seems like a major security risk to expose unauthenticated access to the system.
What I am looking for is a simpler version of libubus. By the time I come up with a work around I might as well write the Go filler code for cgo. None of these options are the easy route I was hoping for but oh well.
Thanks for the help
So I think I might have an idea of how to do this. rpcd allows specifying other users via uci commands so it should be possible to just create a user with a random password that can be used for authentication.
ya that or ... after the initial session login, the session id is used. So have a connection manager to initialize the connection to grab the seesion id, and then pass it along as needed ...
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.