Connection error 401 each time iOS app is started

Mobile Apps Home Assistant Companion for Apple
1

I’m running Home Assistant 0.101.2, using Duck DNS and Dehydrated to access it remotely over HTTPS, the iOS app is running version 0.94.1.

I have an issue with the iOS giving me a connection error each time I start the app, if it’s opened from the background it’s often able to connect to Home Assistant immediately but a “cold start” always gives me:

screenshot_obscured

If I close the alert and press Done to close the settings screen it will connect without any issues. Once I’ve successfully connected I’m able to switch network, connect using both local and remote IPs etc and the mobile app will just reconnect without any error. But if I restart the app or wait an hour or so before opening it from the background it will show the connection error again.

Whenever this happens, there is a notification added to Home Assistant with the follow text:

Login attempt failed
Login attempt or request with invalid authentication from [IP ADDRESS]

The IP address in the notification is my router’s IP address if I’m connected to my home network and the iPhone’s public IP if I’m connecting from outside of my home network.

I don’t think it behaved like this when I setup Duck DNS about a year ago, but it’s been happening for at least 8-9 months now.

This is the HTTP part from configuration.yaml

http:
  ssl_certificate: !secret ssl_certificate
  ssl_key: !secret ssl_key
  base_url: !secret base_url

Anyone know what’s wrong and what I should change to fix it? Even if I’m able to access Home Assistant from both home network and remotely through the app, it’s irritating that it occurs.

2

Hey martin,

I got this problem too. I just tried click the discovered HA and leave all blanks. And enter the passcode from the webpage. It works.

3

I’ve been having this problem forever. I don’t expose my HASS instance to the Internet, instead, I access it via VPN when I’m not at home using http. I have not installed a certificate, so no HTTPS. I’d like to, however, but not before resolving this problem.

Here are logs that resulted from tapping “Validate and Save Connection Settings” in the app’s settings screen a couple of times:

2019-11-03 18:31:33 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/config using bearer token
2019-11-03 18:31:33 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/config to 10.1.4.201 (auth: True)
2019-11-03 18:31:33 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/history/period/2019-11-02T22:31:01.629Z using bearer token
2019-11-03 18:31:33 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/history/period/2019-11-02T22:31:01.629Z to 10.1.4.201 (auth: True)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/config using bearer token
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/config to 10.1.4.201 (auth: True)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /manifest.json using bearer token
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /manifest.json to 10.1.4.201 (auth: True)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/states using bearer token
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/states to 10.1.4.201 (auth: True)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/websocket to 10.1.4.201 (auth: False)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/ios/identify using bearer token
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/ios/identify to 10.1.4.201 (auth: True)
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.auth] Authenticated 10.1.4.201 for /api/history/period/2019-11-02T22:31:34.952Z using bearer token
2019-11-03 18:31:34 DEBUG (MainThread) [homeassistant.components.http.view] Serving /api/history/period/2019-11-02T22:31:34.952Z to 10.1.4.201 (auth: True)

Looks hunky-dory. Then I try to tap the location update button:

2019-11-03 18:31:41 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 10.1.4.201
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.core] Bus:Handling <Event call_service[L]: domain=persistent_notification, service=create, service_data=title=Login attempt failed, message=Login attempt or request with invalid authentication from 10.1.4.201, notification_id=http-login>
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.core] Bus:Handling <Event state_changed[L]: entity_id=persistent_notification.http_login, old_state=None, new_state=<state persistent_notification.http_login=notifying; title=Login attempt failed, message=Login attempt or request with invalid authentication from 10.1.4.201 @ 2019-11-03T18:31:41.456699-05:00>>
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651584766416] Sending {'id': 2, 'type': 'event', 'event': <Event state_changed[L]: entity_id=persistent_notification.http_login, old_state=None, new_state=<state persistent_notification.http_login=notifying; title=Login attempt failed, message=Login attempt or request with invalid authentication from 10.1.4.201 @ 2019-11-03T18:31:41.456699-05:00>>}
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651633414672] Sending {'id': 2, 'type': 'event', 'event': <Event state_changed[L]: entity_id=persistent_notification.http_login, old_state=None, new_state=<state persistent_notification.http_login=notifying; title=Login attempt failed, message=Login attempt or request with invalid authentication from 10.1.4.201 @ 2019-11-03T18:31:41.456699-05:00>>}
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651624935952] Sending {'id': 2, 'type': 'event', 'event': <Event state_changed[L]: entity_id=persistent_notification.http_login, old_state=None, new_state=<state persistent_notification.http_login=notifying; title=Login attempt failed, message=Login attempt or request with invalid authentication from 10.1.4.201 @ 2019-11-03T18:31:41.456699-05:00>>}
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651584766416] Sending {'id': 85, 'type': 'result', 'success': True, 'result': [{'notification_id': 'http-login', 'message': 'Login attempt or request with invalid authentication from 10.1.4.201', 'status': 'unread', 'title': 'Login attempt failed', 'created_at': datetime.datetime(2019, 11, 3, 23, 31, 41, 457112, tzinfo=<UTC>)}]}
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651633414672] Sending {'id': 34, 'type': 'result', 'success': True, 'result': [{'notification_id': 'http-login', 'message': 'Login attempt or request with invalid authentication from 10.1.4.201', 'status': 'unread', 'title': 'Login attempt failed', 'created_at': datetime.datetime(2019, 11, 3, 23, 31, 41, 457112, tzinfo=<UTC>)}]}
2019-11-03 18:31:41 DEBUG (MainThread) [homeassistant.components.websocket_api.http.connection.139651624935952] Sending {'id': 21, 'type': 'result', 'success': True, 'result': [{'notification_id': 'http-login', 'message': 'Login attempt or request with invalid authentication from 10.1.4.201', 'status': 'unread', 'title': 'Login attempt failed', 'created_at': datetime.datetime(2019, 11, 3, 23, 31, 41, 457112, tzinfo=<UTC>)}]}

Not great. I don’t have an ip_bans.yaml. The app’s event log isn’t really providing any useful information. What exactly does “Login attempt or request with invalid authentication” mean?

4

And, after a bit more reading, I found that this was related to DNS. I only publish my hass instance’s IP on internal DNS. My external DNS view does have an A record for hass, but that isn’t doing anything right now.

In any event, I ensured my phone will now receive the IP from the internal DNS view when resolving the address, and all seems to be working now.

Martin, hope this helps.

5

Thanks fo the replies, the somewhat easy solution suggested by sasukebinbin worked for me. I just clicked the discovered Home Assistant server and signed-in again using my username and password and it’s been working okay since then. The same solution worked for two different devices with different users that both had the same problem.

Since the app was able to auto-login by just dismissing the settings screen I assumed the credentials were properly accessible, so it never crossed my mind that this could work.