bonamin/bellsystems-cp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Trying to fix Auto Restart. And Fixed MQTT admin auth

Browse Source
This commit is contained in:
Vasileios Kousaridas
2026-02-27 10:17:38 +02:00
parent 12784462f9
commit 7f51c60062
2 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/mqtt/auth.py
View File

@@ -18,7 +18,7 @@ User types handled:
- Kiosk users (e.g. "PV25L22BP01R01-kiosk"): - Kiosk users (e.g. "PV25L22BP01R01-kiosk"):
Same HMAC auth derived from the full kiosk username. Same HMAC auth derived from the full kiosk username.
ACL: allowed to access topics of their base device (suffix stripped). ACL: allowed to access topics of their base device (suffix stripped).
- bonamin, NodeRED, and other non-device users: - admin, bonamin, NodeRED, and other non-device users:
These connect via the passwd file backend (go-auth file backend). These connect via the passwd file backend (go-auth file backend).
They never reach this HTTP backend — go-auth resolves them first. They never reach this HTTP backend — go-auth resolves them first.
The ACL endpoint below handles them defensively anyway (superuser list). The ACL endpoint below handles them defensively anyway (superuser list).
@@ -35,7 +35,7 @@ LEGACY_PASSWORD = "vesper"
# Users authenticated via passwd file (go-auth file backend). # Users authenticated via passwd file (go-auth file backend).
# If they somehow reach the HTTP ACL endpoint, grant full access. # If they somehow reach the HTTP ACL endpoint, grant full access.
SUPERUSERS = {"bonamin", "NodeRED"} SUPERUSERS = {"admin", "bonamin", "NodeRED"}
def _derive_password(username: str) -> str: def _derive_password(username: str) -> str:
@@ -86,7 +86,7 @@ async def mqtt_auth_user(
or kiosk variant: "PV25L22BP01R01-kiosk" or kiosk variant: "PV25L22BP01R01-kiosk"
Password = HMAC-derived (new firmware) or "vesper" (legacy firmware) Password = HMAC-derived (new firmware) or "vesper" (legacy firmware)
Note: bonamin and NodeRED authenticate via the go-auth passwd file backend Note: admin, bonamin and NodeRED authenticate via the go-auth passwd file backend
and never reach this endpoint. and never reach this endpoint.
""" """
if _is_valid_password(username, password): if _is_valid_password(username, password):

14
frontend/src/manufacturing/ProvisioningWizard.jsx
View File

@@ -534,8 +534,18 @@ function StepFlash({ device, onFlashed }) {
setFwProgress(100); setFwProgress(100);
appendLog("Flash complete. Resetting device…"); appendLog("Flash complete. Resetting device…");
// 5. Hard-reset via RTS — device boots into user code automatically // 5. Manual hard-reset via RTS pulse (ESP32: RTS → EN pin)
await loaderRef.current.after("hard_reset"); // esptool-js HardReset only calls setRTS(false) which is incomplete.
// Full pulse: RTS high (EN=LOW → chip in reset) → wait → RTS low (EN=HIGH → boot)
try {
const transport = loaderRef.current.transport;
await transport.setRTS(true); // pull EN low → enter reset
await new Promise((r) => setTimeout(r, 100));
await transport.setRTS(false); // release EN → boot into user code
await new Promise((r) => setTimeout(r, 100));
} catch (rstErr) {
appendLog(`[Reset warning: ${rstErr.message}]`);
}
appendLog("Hard reset sent. Device is booting…"); appendLog("Hard reset sent. Device is booting…");
// 6. Disconnect the esptool transport so it releases the port lock // 6. Disconnect the esptool transport so it releases the port lock