Summary
The backend will support optional token-based command authorization (#36). When command_secret is configured, all MQTT commands must include a matching token. The UI should allow setting this secret from the settings page.
What to build
- Add a Security section to the Config page (or a new Settings page)
- "Command Secret" field:
- Password-style input with show/hide toggle
- "Set Secret" button — writes to backend via
config set command_secret <value>
- "Clear Secret" button — sets to empty to disable auth
- Warning text: "Once set, all MQTT commands must include this token"
- Visual indicator in the topbar showing whether command auth is enabled or disabled
- If auth is enabled, show a lock icon next to the Exec page input
Depends on
Reference
Aeolus command auth (docs/control.md):
[{"n":"token","vs":"hunter2"},{"n":"reboot"}]
Summary
The backend will support optional token-based command authorization (#36). When
command_secretis configured, all MQTT commands must include a matching token. The UI should allow setting this secret from the settings page.What to build
config set command_secret <value>Depends on
Reference
Aeolus command auth (
docs/control.md):[{"n":"token","vs":"hunter2"},{"n":"reboot"}]