Prusa-Link-Web icon indicating copy to clipboard operation
Prusa-Link-Web copied to clipboard

Published 20 hours ago verified publisher icon prusa3d

v4.4.0 makes automated logging of printer telemetry impossible

Open twshield opened this issue 2 years ago • 6 comments

Version 4.3.x had a very useful URL of

http://[prusa mini hostname]/api/telemetry

that returned a simple json file that allowed logging of the printer status (temperatures, file printing, etc). I found this feature so useful, I'm going to revert my firmware until this is restored.

With the network changes in v4.4.0 and the need for a API key for every session (which also makes using the web interface from a browser annoying), I don't see any way to get the equivalent information from the new web interface. I see no reason the read only information in the v4.3 json telemetry needs to be protected by the API key authentication mechanism.

Furthermore, the printer won't even ping, so there is not even an easy way to tell if the printer is up with the new firmware.

twshield avatar Dec 16 '22 17:12 twshield

Hi, yes, we are working on new API, which is unfortunately not complete yet.

The new way is authorize any resources by HTTP Digest (API-Key for your firmware version). So there will be no way, how to get any info without knowing that key and password in the future.

The new API is describe here: https://github.com/prusa3d/Prusa-Link-Web/blob/master/spec/openapi.yaml

We will discuss, if and how to allow simple ping if printer is alive. Probably some HEAD request on /api/version

ondratu avatar Jan 04 '23 08:01 ondratu

Thanks for the reply.

Needing an API key/password is fine if there is a way to specify them in the URL, such as

http://[prusa mini hostname]/api/telemetry?apikey=ABCD1234

You can't just turn ping responses on in the network layer? I would think you are making support more difficult for yourself by not allowing users to check network connectivity with ping. It's always the first thing I do to check when there is a network problem.

twshield avatar Jan 04 '23 16:01 twshield

Thanks for your suggestions. I guess making the API key/password "explicit" in the URL would render the printer vulnerable. I wonder if a feature to enable/disables the protection key could be an option at this point- at least when connecting within a local network - but safe connecting is an important matter to us.

Our developers will make their considerations about that.

In near future, the browser should be allowed to autofill credentials (https://github.com/prusa3d/Prusa-Link-Web/issues/222) and this could shorten the authentication process at least.

Michele Moramarco Prusa Research

Prusa-Support avatar Jan 31 '23 11:01 Prusa-Support

Idea: add a checkbox in the settings to allow passwordless/keyless reading of telemetry and let it disabled by default

LucaMH avatar Jan 31 '23 11:01 LucaMH

That seems like a good solution. Thanks.

twshield avatar Jan 31 '23 15:01 twshield

Thanks for sharing your ideas. We are taking notes.

Michele Moramarco Prusa Research

Prusa-Support avatar Feb 14 '23 17:02 Prusa-Support