Update from 0.72 to 0.78.3 Authentication Question

FunkyBoT · September 23, 2018, 1:05am

I have been using 0.72 for a while with no reason to update. I’m not using a password, since HA is not open to the internet.
So, with the new authentication system, should I define a password before updating to the last version 0.78.3? Is there anything more I should know?
Could someone please give me an advice and clarification about this? I am using 0.72 Raspbian manual installation if it makes any difference.
Thanks.

nickrout · September 23, 2018, 6:12am

I am not sure if you need to add a password before upgrading, but I would as the old auth still works. So do that and make sure it works.

The first time 0.78 runs you will be asked to create a new user and password, or to log in via the old system which just requires a password. Create the new user, it will be the ‘master’ user, controlling other user accounts.

Also, do look through the breaking changes notes for all the releases inbetween, and be ready for their gotchas.

FunkyBoT · September 24, 2018, 1:49am

Thanks for the tips.
I added an API password, restarted and updated to 0.78.3.
Then it asked to include an user and password, as you have said.
So now I can access using the API password and user/password with no problems EXCEPT:

A card is showing:
“Login attempt failed
Login attempt or request with invalid authentication from 127.0.0.1” that keep alternating to:
Login attempt or request with invalid authentication from 192.168.1.30 (Pi IP address).

I can dismiss this message but I afraid that something is wrong and maybe something have still to be done.
Can someone instruct what to do about it?

Out of this, everything seems to be working fine.
Thanks!

nickrout · September 24, 2018, 2:52am

That is above my pay grade, but hopefully someone smarter will come along!

FunkyBoT · September 24, 2018, 3:29am

Clicking in DISMISS doesn’t help. The message remains.

DavidFW1960 · September 24, 2018, 3:34am

What is the card displaying? Has the config of that component changed since 0.72?

FunkyBoT · September 24, 2018, 4:20am

It is not complaining about a component, it is just an message alert that is shown as a card:

Login attempt failed
Login attempt or request with invalid authentication from 192.168.1.30
Login attempt or request with invalid authentication from 127.0.0.1

Then I suspected about Node-Red, which runs in the same Pi. Stopping Node-Red service made the messages disappear. So after updating authentication in some nodes (sure I would have to update it!) and after some stops and starts, everything seems to be ok again.
Thanks for your help guys.