[Feature Request] Check if keypad code and codeId combination is valid

[iranl]

Discussed in https://github.com/technyon/nuki_hub/discussions/479

^{Originally posted by jkrenzer October 3, 2024} Hi!

After setting a key-code it would be helpful if there was an endpoint for checking a given 6-digit code against a codeId. This way an external interface updating the code could afterwards verify, that the new code is now set without publishing all codes in the mqtt permanently.

Something like:

Request:

{
  "action": "check",
  "codeId": 1234,
  "code": 654321
}

Response:

{
  "valid": true
}

Kind regards, Jörn

[technyon]

I'm really thinking if we shouldn't just add that option to publish the keypad codes. It should be clearly marked it in the web interface as safety relevant. If someone takes the necessary precautions to secure their system like using SSL encryption, it maybe is not that big of a safety issue, but we should communicate that clearly. Having such an option to just verify a code is a good thing to have too though. @iranl Are you looking into this already?

[technyon]

Nevermind, I just realized we have the "Also publish keypad codes (Disadvised for security reasons)" already.

[iranl]

I'll work on this for 9.02 as an optional (disabled by default) feature

[iranl]

I've added the code in #488 with some basic brute force prevention and a toggle in de Web configurator that needs to be set to allow checking codes at all.

I have not been able to test as I'm somewhat limited by my home remoddeling in what I can test on my main Nuki 4.0 pro + keypad 2.

Format should be as suggested to the nukihub/keypad/actionJson topic:

{
  "action": "check",
  "codeId": 1234,
  "code": 654321
}

Result will be in the keypad/commandResultJson topic (checkingKeypadCodesDisabled, codeValid, codeInvalid, checkingCodesBlockedTooManyInvalid)

PR still needs a README update and testing