Hellow dear community , i just started exploring traccar and made myself a selfhosted service up and running :)
IoT device that i'am connecting to traccar is fine, but i have one small issue..
How to make traccar to be auth / token based for everything.
Right now the script bellow is executing without any problem , and dont ask for auth or anything just play text query sended to server.
If i open my gps server to the world someone may try to spam it with fake devices etc.
How can i secure the connection somehow ? - Btw it`s already behind Proxy with SSL
import requests
from datetime import datetime, timezone
url = "https://gps.example.com/"
data = {
"location": {
"timestamp": datetime.now(timezone.utc).isoformat().replace("+00:00", "Z"),
"coords": {
"latitude": 48.8566,
"longitude": 2.3522,
"accuracy": 10,
"speed": 15,
"heading": 270,
"altitude": 35
},
"is_moving": True,
"odometer": 12345,
"event": "motionchange",
"battery": {
"level": 0.75,
"is_charging": False
},
"activity": {
"type": "in_vehicle"
},
"extras": {}
},
"device_id": "sim7600_device"
}
headers = {"Content-Type": "application/json"}
response = requests.post(url, json=data, headers=headers)
print("Status Code:", response.status_code)
print("Response Body:", response.text)
You would have to do it with a proxy.
Thank you i will try to do that :)
Great system btw ^^
You also have the option to disable the registration of unknown devices.
If you do this, Traccar will only accept location data from known device IDs.
Less secure than authentication, but due to SSL, one would still need to guess the chosen device ID first.
Hellow dear community , i just started exploring traccar and made myself a selfhosted service up and running :)
IoT device that i'am connecting to traccar is fine, but i have one small issue..
How to make traccar to be auth / token based for everything.
Right now the script bellow is executing without any problem , and dont ask for auth or anything just play text query sended to server.
If i open my gps server to the world someone may try to spam it with fake devices etc.
How can i secure the connection somehow ? - Btw it`s already behind Proxy with SSL
import requests from datetime import datetime, timezone url = "https://gps.example.com/" # Change this if needed data = { "location": { "timestamp": datetime.now(timezone.utc).isoformat().replace("+00:00", "Z"), "coords": { "latitude": 48.8566, "longitude": 2.3522, "accuracy": 10, "speed": 15, "heading": 270, "altitude": 35 }, "is_moving": True, "odometer": 12345, "event": "motionchange", "battery": { "level": 0.75, "is_charging": False }, "activity": { "type": "in_vehicle" }, "extras": {} }, "device_id": "sim7600_device" } headers = {"Content-Type": "application/json"} response = requests.post(url, json=data, headers=headers) print("Status Code:", response.status_code) print("Response Body:", response.text)