{"id":30850438,"url":"https://github.com/Sloth-on-meth/DoorOpener","last_synced_at":"2025-09-07T06:03:25.515Z","repository":{"id":312719994,"uuid":"1047639844","full_name":"Sloth-on-meth/DoorOpener","owner":"Sloth-on-meth","description":"A sleek, single-button web portal for triggering any Home Assistant action (like opening a building door), protected by secure PIN authentication. Perfect for apartment buildings, offices, or any scenario where you want easy, controlled access for multiple users.","archived":false,"fork":false,"pushed_at":"2025-09-01T14:55:50.000Z","size":40,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-01T16:35:23.971Z","etag":null,"topics":["apartment","automation","building-automation","docker","door","door-access","flask","home-assistant","python","smarthome","web-portal"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Sloth-on-meth.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-30T21:51:26.000Z","updated_at":"2025-09-01T14:55:54.000Z","dependencies_parsed_at":"2025-09-01T16:35:27.992Z","dependency_job_id":"b1164735-5496-4983-bdb3-488e4740307f","html_url":"https://github.com/Sloth-on-meth/DoorOpener","commit_stats":null,"previous_names":["sloth-on-meth/dooropener"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/Sloth-on-meth/DoorOpener","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sloth-on-meth%2FDoorOpener","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sloth-on-meth%2FDoorOpener/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sloth-on-meth%2FDoorOpener/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sloth-on-meth%2FDoorOpener/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Sloth-on-meth","download_url":"https://codeload.github.com/Sloth-on-meth/DoorOpener/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sloth-on-meth%2FDoorOpener/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274001213,"owners_count":25205211,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apartment","automation","building-automation","docker","door","door-access","flask","home-assistant","python","smarthome","web-portal"],"created_at":"2025-09-07T06:01:33.940Z","updated_at":"2025-09-07T06:03:25.498Z","avatar_url":"https://github.com/Sloth-on-meth.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# 🚨 Help Wanted: Home Assistant Add-on Needed!\n\n**I couldn't figure out how to turn this project into a proper Home Assistant add-on. If you know how, please open a PR!**\n\n\u003e **Important:** Any add-on solution must not break standalone usage. The project must remain fully usable both as a Home Assistant add-on _and_ as a standalone app (Docker, pip, etc).\n\n---\n\n# 🚪 DoorOpener\n\nA secure web interface for controlling smart door openers via Home Assistant. Features a modern glass-morphism UI with visual keypad, per-user PINs, audio feedback, battery monitoring, and comprehensive security.\n\n![Version 1.6.0](https://img.shields.io/badge/version-1.6.0-blue?style=flat-square)\n\n\u003cimg width=\"2554\" height=\"1187\" alt=\"image\" src=\"https://github.com/user-attachments/assets/e9e2fd6c-aa32-4ea1-933f-668fad3fbfc4\" /\u003e\n\n\u003cimg width=\"2554\" height=\"1187\" alt=\"image\" src=\"https://github.com/user-attachments/assets/4d5259fa-ee7b-4d03-a02b-b77301cebf0c\" /\u003e\n\n## What It Does\n\nDoorOpener provides a web-based keypad interface to remotely open doors connected to Home Assistant. Users enter their personal PIN on a visual keypad, and the system securely communicates with Home Assistant to trigger the door opener.\n\n**Key Features:**\n- Visual 3x4 keypad interface with auto-submit\n- Individual PINs for each user\n- Audio feedback (success chimes, failure sounds)\n- Real-time battery monitoring for Zigbee devices\n- Multi-layer security with rate limiting and IP blocking\n- Admin dashboard for viewing access logs\n- Test mode for safe development\n- **Supports Home Assistant `switch`, `lock`, and `input_boolean` entities**\n\n## Quick Start\n\n### Docker (Recommended)\n\nYou can run DoorOpener using the prebuilt image from GitHub Container Registry (ghcr.io):\n\n```bash\ngit clone https://github.com/Sloth-on-meth/DoorOpener.git\ncd DoorOpener\ncp config.ini.example config.ini\ncp .env.example .env\n# Edit config.ini with your Home Assistant details and PINs\n# Edit .env to set DOOROPENER_PORT if different from 6532\ndocker run -d --env-file .env -v $(pwd)/config.ini:/app/config.ini:ro -v $(pwd)/logs:/app/logs -p 6532:6532 ghcr.io/sloth-on-meth/dooropener:latest\n```\n\nThis will start DoorOpener using the official image. If you need to change the port, update the .env file and adjust the `-p` argument accordingly.\n\n#### Building Locally (Optional)\nIf you want to build the image yourself:\n```bash\ndocker build -t dooropener:latest .\ndocker run -d --env-file .env -v $(pwd)/config.ini:/app/config.ini:ro -v $(pwd)/logs:/app/logs -p 6532:6532 dooropener:latest\n```\n\n\n\u003c!--\n#### Using the public ghcr.io image\n\n(Registry-based deployment is currently disabled)\n--\u003e\n\n\n## Configuration\n\n### Environment Variables (.env file)\n\n```bash\n# Port configuration (optional, defaults to 6532)\nDOOROPENER_PORT=6532\n\n# Timezone (optional, defaults to UTC)\nTZ=America/New_York\n```\n\n### Application Config (config.ini)\n\n```ini\n[HomeAssistant]\nurl = http://homeassistant.local:8123\ntoken = your_long_lived_access_token\nswitch_entity = switch.your_door_opener\n\n[pins]\nalice = 1234\nbob = 5678\n\n[admin]\nadmin_password = secure_password\n\n[server]\n# Overridden by DOOROPENER_PORT env var if set\nport = 6532\n# Set to true for testing without opening door\ntest_mode = false\n\n[security]\n# Maximum failed attempts per IP before blocking\nmax_attempts = 5 \n# Block time in minutes after max attempts reached\nblock_time_minutes = 5\n# Maximum global attempts per hour across all users\nmax_global_attempts_per_hour = 50\n# Maximum failed attempts per session before blocking\nsession_max_attempts = 3\n```\n\n### OIDC (Authentik) — Experimental\n\n\u003e IMPORTANT: This OIDC/Authentik integration is a rudimentary, first-pass implementation. It has not been fully verified end‑to‑end in production. It may not work in your setup. Use at your own risk and please open issues/PRs with fixes.\n\nDoorOpener can optionally integrate with Authentik using in‑app OIDC. When enabled, users can sign in via SSO, and—optionally—open the door without a PIN.\n\n```ini\n[oidc]\nenabled = false                     # Set to true to enable OIDC\nissuer = https://auth.example.com/application/o/dooropener\nclient_id = your_client_id\nclient_secret = your_client_secret\nredirect_uri = https://your.domain/oidc/callback\n\n# Optional group required for admin dashboard access\nadmin_group = dooropener-admins\n\n# Optional group allowed to open the door via OIDC (pinless)\n# Leave empty to allow any authenticated OIDC user\nuser_group = dooropener-users\n\n# If true, OIDC users still must enter a PIN (no pinless open)\nrequire_pin_for_oidc = false\n```\n\nNotes:\n- In development over HTTP, set `SESSION_COOKIE_SECURE=false` (env) so the browser sends the session cookie.\n- Set a stable secret across instances via `FLASK_SECRET_KEY` (env) or `[server] secret_key` in `config.ini`.\n- The implementation is minimal and may require adjustments to claims (e.g., `groups`) depending on your Authentik setup.\n\n**Configuration Priority:**\n1. Environment variables (`.env` file) - highest priority\n2. `config.ini` settings\n3. Default values\n\n## Usage\n\n1. **Access Interface** - Visit `http://localhost:6532`\n2. **Enter PIN** - Use the visual keypad to enter your 4-8 digit PIN\n3. **Auto-Submit** - Door opens automatically when valid PIN length is entered\n4. **Admin Access** - Click gear icon for admin dashboard (view logs, manage users)\n\n## Security Features\n\n- **Configurable Rate Limiting** - Customizable failed attempt limits and block times\n- **Multi-Layer Protection** - IP-based, session-based, and global rate limiting\n- **Progressive Delays** - Increasing delays (1s→16s) after failed attempts\n- **Session Tracking** - Prevents easy bypass of security measures  \n- **Audit Logging** - All attempts logged with timestamps, IPs, and results\n- **Input Validation** - PIN format validation and request sanitization\n- **Security Headers** - XSS protection, clickjacking prevention, CSP\n\n### Security Configuration\n\nAll security parameters are configurable via `config.ini`:\n\n- `max_attempts` - Failed attempts per IP before blocking (default: 5)\n- `block_time_minutes` - Block duration in minutes (default: 5)\n- `max_global_attempts_per_hour` - Global rate limit across all users (default: 50)\n- `session_max_attempts` - Failed attempts per session before blocking (default: 3)\n\n## API Endpoints\n\n- `GET /` - Main interface\n- `POST /open-door` - Door control (requires PIN unless OIDC pinless is enabled and user is authorized)\n- `GET /battery` - Battery level data\n- `GET /admin` - Admin dashboard\n\n## Development\n\n**Test Mode:** Set `test_mode = true` in config to test interface without opening door.\n\n**Manual Installation:**\n```bash\npip install -r requirements.txt\npython app.py\n```\n\n## License\n\nOpen source - see repository for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSloth-on-meth%2FDoorOpener","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSloth-on-meth%2FDoorOpener","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSloth-on-meth%2FDoorOpener/lists"}