Enable api transport encryption for new projects (#3142)

* Enable api transport encryption for new projects * Format
2024-09-20 01:27:31 +02:00 · 2022-05-11 01:38:05 +02:00 · 2022-05-11 01:38:05 +02:00 · 0b69f72315
commit 0b69f72315
parent c569f5ddcf
2 changed files with 5 additions and 0 deletions
--- a/esphome/dashboard/dashboard.py
+++ b/esphome/dashboard/dashboard.py
@ -1,5 +1,6 @@
 # pylint: disable=wrong-import-position

+import base64
 import codecs
 import collections
 import functools
@ -378,6 +379,8 @@ class WizardRequestHandler(BaseHandler):
            if k in ("name", "platform", "board", "ssid", "psk", "password")
        }
        kwargs["ota_password"] = secrets.token_hex(16)
+        noise_psk = secrets.token_bytes(32)
+        kwargs["api_encryption_key"] = base64.b64encode(noise_psk).decode()
        destination = settings.rel_path(f"{kwargs['name']}.yaml")
        wizard.wizard_write(path=destination, **kwargs)
        self.set_status(200)
--- a/esphome/wizard.py
+++ b/esphome/wizard.py
@ -111,6 +111,8 @@ def wizard_file(**kwargs):
    # Configure API
    if "password" in kwargs:
        config += f"  password: \"{kwargs['password']}\"\n"
+    if "api_encryption_key" in kwargs:
+        config += f"  encryption:\n    key: \"{kwargs['api_encryption_key']}\"\n"

    # Configure OTA
    config += "\nota:\n"