I am trying to setup the static website as detailed here:
However within the index.html a password is required to access the MQTT EventStream, which is the same password used to login in to the main front end.
The problem with this is that it makes the password readable to anyone who views the source of the index.html
I don’t think there is a workaround for this problem. Even if you had some encrypted version of the password, the browser would need to decrypt it to do the authentication.
If it’s something you have done yourself, you could use localStorage to save the password locally. This however would require some mechanism to save the password. And it would need to be entered whenever you open the site for the first time.
I’ve since been trying to use the RestAPI and run it from a local html file but now I’m stuggling with CORS issues, so you might see another post from me soon.