Easy Pin feature

[Angelblue05 4130]

I would like to know about the easy pin feature. It seems to work well with the way I implemented it in Kodi, however I realized it's only for in-network access. The problem is, the server seems to returns the "hasConfiguredEasyPassword" key in the api, even if the client is accessing externally. Is there a way to prevent this? Or how would I go about knowing if the server is being accessed locally or externally before authentication to show the appropriate password dialog (numeric or alphanumeric)?

 

I'm currently verifying the following for easy pin: if user has a password, if easy pin is configured and if it's enabled.

 

Am I missing something?

I could technically get it to work if I verify if the user is using the setting to force to play files over HTTP, but it's not a great solution as I've seen people doing this on their local network.

 

 

Thanks!

Edited April 16, 2015 by Angelblue05

[Angelblue05 4130]

Well after some research, I have finally found what I was looking for in the HTTP API: System/Endpoint   Would have never guessed it   Thought it might be useful for someone to know this, someday!

 

Edit: Apparently you need to be authenticated to request this information. So I can't use it to set the proper password dialog....

 

@@ebr @@Luke Sorry to bother, but what can I do here? 

Edited April 16, 2015 by Angelblue05

[ebr 14913]

Probably will require a change to the behavior of the API.  Seems to me like the property should be "EasyPinIsValid" instead of is configured since that is what the client really wants to know.

[Angelblue05 4130]

Probably will require a change to the behavior of the API.  Seems to me like the property should be "EasyPinIsValid" instead of is configured since that is what the client really wants to know.

Okie dokie! Yes it sounds like a better way to go about it. As long as we are able to know if the client should use EasyPin based on the connection(local/network vs external) it should do the trick

 

Thanks a lot for your time ebr!

[Luke 37064]

not your responsibility to worry about this. just do what the web client is doing, which is nothing and letting the server worry about it.

[ebr 14913]

not your responsibility to worry about this. just do what the web client is doing, which is nothing and letting the server worry about it.

 

But I thought you said you added that property expressly for the purpose he is using it - to decide whether or not to show a numeric only OSK...?

[Luke 37064]

i'll have to go back over it but some of you raised some concerns so i never actually had the server force it to be numeric. i don't remember what they were. the only thing you know about it is that it's going to be shorter.

[ebr 14913]

 

The client really shouldn't care whether the password is complex or easy, right?  I mean, we just send whatever password they type and the server handles whether or not it is valid in the given context.

 

yes that is correct, although if we want the server can provide that info to allow you to display a numeric input. i think that would be neat, and if limited to inside the home, shouldn't be considered a security flaw.

 

 

In the end, I didn't really agree with that approach because the determination is based on local or remote instead of the device in use.  So, that means your password entry would change on your phone based on whether you were remote or inside the home (if the client implemented this type of logic).  But that was the original intention.

 

In short - Angel - I suggest you do what Luke said and forget about the special presentation.  Most people with Kodi will have a remote control with number keys anyway.

[Angelblue05 4130]

Ok! I will do as Luke said, then. The user will have to remember which password to use, when, without a visual cue.

 

Thanks guys! 

Edited April 16, 2015 by Angelblue05