So I see you have to give a separate url to guests. Does this mean there is no way for them to access the main url? How do they login (username and password like HA user?) What happens if they open the main url? Is it also possible to restrict them in using it when a device_tracker has been logged?
I want to see if I can create a special url for guests, which they can only access when their at my home and only that url.
Not sure i follow you, the idéa of this addon is to give guests a simple link to control chosen stuff without the need of giving access to the entire HA
If your guest opens the “main url” (i guess you mean the HA url) they will be met with a login prompt i suppose.
There are no trackers or sensors involved at this time
Yes yes now I got it. Super cool.
We are getting even more hungry: is it possible to create more than one page (multiple guests)?
Maybe giving port 8888 to guest 1 port 8889 to guest 2 …??
EDIT, well of course you can create just multiple links, problem solved.
Very cool addon
well the whole point is to NOT give the main HA URL. If you want it, just give it to them with user and password, no need for any addon
Hi, so basically my question is twofolded:
can anyone with that link open the view or can I set a username password (like main HA instance). I trust my friends, but not everyone is as careful. I want to prevent that someone random that has the url can login.
Is there a way for backtrace from the guest url to the main url. So if someone only has the guest url, can they somehow find out what the HA server ip is?
Too bad tracking is not supported yet. I hoped to create a special view for guests at my house to access basic entities and only when their phone is in range.
@Klagio Yes, I am aware what the point is. The reason I ask, is because this add-on is running on the main HA server. So I am curious if somehow there is a way to login on this addon using the url and from there backtrace and access the main url and find out what my main url is. I trust my friends, but should a hacker access that url and find out what my HA server ip is, then that to me is too much of a security risk.
1, you can set a password to the link. no username thou
2, you can have a whole separate domain perhaps someone will be able to use a tool like this https://www.dnsqueries.com/en/ip_neighbors.php but it’s kind of unlikely it will show anything. Note that if you have your HA open to the internet it can be found.
Now would be cool to have a nice customizable webpage 
Yeah, i have an idéa about that.
I am considering adding a footer/header include, that way you should be able to inject html/css/javascript as you please
One final question (sorry!). Can you also create a url that is only accessible within your LAN? This would solve the device_tracker feature and all the security requirements for me.
Hi,
You can simply not forwarding the port in your firewall or set up a proxy to the internet, that way it’s only accessible from within your local network.
Thanks for the answers and tip! I will definitely try this add-on then. Perfect to create a view for house guests to control basic entities. While still having a secure HA instance.
yes pretty cool, you give the link via whatsapp (for example), and the guest have access to what they have to.
Really cool
@Klagio Would this changes fit your needs?
There are four custom entry points into the user view, that you
can use these to modify the design of the end user page
The first two are injected into the <head> section of the page, just above </head>
The two latter are injected into the <body> section, the first of which just after the opening tag,
and the footer just before closing the body.
To make use of this, you should create the files in the
/data/ directory and adjust them to fit your needs.
not know much about webpage html code, but can learn it. I think its enough being able to put a header a background, and some nice way to show switches locks and lights
Ok i added the changes, so now you can play around with it if you like
The files should be created in
[hassio installdir]/addons/data/[random-letters]_limited_guest_access/
there should be a folder called links and a file called options.json in that folder already.
Kind regards Iesus
I added the possibility to inject custom code into the user view
Hi, I don’t have nothing in addons directory. Please note other addons put the configuration files usually in the share directory.
I do not care much where it is, but in addon there is not (I just updated, perhaps need to do something?)
Haven’t heard about a share folder, perhaps that’s another option.
as far as i can tell the /data/ directory is automatically a persistent volume for a add-on, i didn’t create it and all of my installed add-ons have one (that’s where the addon configuration is stored)
In my case the full path to the add-ons data folder is:
/home/iesus/hassio/addons/data/bde1d215_limited_guest_access
(note that it’s not in the “home assistant” folder.)
/I
Ohh I never understood where those directories are (Hassio on proxmox on NUC). For many user is better that configuration files are in \config, or \addons, or \share folder
Ok i moved them to /share/ instead 