Anyone have an automation that makes an app notification on a failed login? Everything I’ve tried isn’t working. If you can post the code, that would be great. Thanks
This is what I’ve been using:
alias: Bad login
description: ""
triggers:
- update_type: added
trigger: persistent_notification
conditions:
- condition: template
value_template: >
{% set message = trigger.notification.message %} {{'Too many login
attempts' in message or
'invalid authentication' in message or 'login attempt' in message}}
actions:
- data:
title: Failed HA login!
message: >-
http://www.ip-tracker.org/locator/ip-lookup.php?ip={{trigger.notification.message.split('from
')[1]}}
action: notify.mobile_app_my_iphone
1 Like
This works great, thank you. Just curious, I get the notification with the ip-tracker.org, but clicking on the notification just brings me to the HA home screen. Is this URL supposed to run the IP address?
I wrote that a long time ago and never bothered to update it to make it a clickable URL. This should do that, but I can’t test to confirm if the insertion of IP address via the template part actually works. I’ve only tested it from my local network and you can’t look up a non-routable IP.
alias: Bad login
description: ""
triggers:
- update_type: added
trigger: persistent_notification
conditions:
- condition: template
value_template: >
{% set message = trigger.notification.message %} {{'Too many login
attempts' in message or
'invalid authentication' in message or 'login attempt' in message}}
actions:
- action: notify.mobile_app_my_iphone
data:
title: Failed HA login!
message: Click to view...
data:
url: >-
http://www.ip-tracker.org/locator/ip-lookup.php?ip={{trigger.notification.message.split('from
')[1]}}
Edit:
Looking at the logs when I test it with a bad login it appears that the IP is reported with the format: 192.168.0.11 (192.168.0.11)
Login attempt or request with invalid authentication from 192.168.0.11 (192.168.0.11). Requested URL: '/api/websocket'. (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36)
So you’d need to figure out how to change the template to parse out just the IP address. I do most of my automations in Node Red, so I’ll work on it there…
Got it working…
alias: Bad login
description: ""
triggers:
- update_type: added
trigger: persistent_notification
conditions:
- condition: template
value_template: >
{% set message = trigger.notification.message %} {{'Too many login
attempts' in message or
'invalid authentication' in message or 'login attempt' in message}}
actions:
- action: notify.mobile_app_my_iphone
data:
title: Failed HA login!
message: >-
Bad login from
{{trigger.notification.message.split('(')[1].split(')')[0] }} Click to
view...
data:
url: >-
http://www.ip-tracker.org/locator/ip-lookup.php?ip={{trigger.notification.message.split('(')[1].split(')')[0]
}}
This works perfectly, thanks. Just curious, is there a way to blacklist an IP once it detects an invalid login? Also, although not really needed, is there a way to have a notification even on successful logins? I am running a reverse proxy, so I don’t know if that complicates it.
P.S. I have Node-Red set up as well.
You can use ip_ban_enabled https://www.home-assistant.io/integrations/http/
I’m guessing that if you set the threshold to 1 there will be no second attempt possible. Careful - don’t lock yourself out!
I don’t have anything for a successful login. To notify when HA starts or shuts down:
triggers:
- event: start
trigger: homeassistant
triggers:
- event: shutdown
trigger: homeassistant
By any chance to you have the code you can share for the start/stop?
I have a delay between the startup and the notify to make sure all integrations are loaded.
alias: HA Startup Notify
description: Turn Off Irrigation Valves at HA Startup
triggers:
- event: start
trigger: homeassistant
conditions: []
actions:
- delay:
hours: 0
minutes: 0
seconds: 30
milliseconds: 0
- data:
message: HA Start {{ now().strftime('%H:%M %A %d %B %Y') }}
title: Home Assistant
data:
push:
sound: Calypso.caf
action: notify.mobile_app_my_iphone
mode: single
1 Like