Tuya Developer Forum

I'm implementing Tuya's Smart Lock API in my Node.js backend service to programmatically create temporary passwords. Here's my current implementation:

Code: Select all

async function getPasswordTicket(deviceId) {   return await tuya.request({     method: "POST",     path: `/v1.0/devices/${deviceId}/door-lock/password-ticket`,   }); }  function encryptPassword(password, ticketKey) {   try {     validateInput(password, ticketKey);      const clientSecret = process.env.TUYA_SECRET_KEY;     if (!clientSecret) {       throw new Error("TUYA_SECRET_KEY is not configured");     }      // Step 1: Decrypt the ticket_key using client secret     const decryptedTicketKey = decryptPassword(ticketKey, clientSecret);     if (!decryptedTicketKey) {       throw new Error("Ticket key decryption failed");     }      // Step 2: Encrypt the password using decrypted ticket key     const key = CryptoJS.enc.Utf8.parse(decryptedTicketKey);     const encrypted = CryptoJS.AES.encrypt(password, key, {       mode: CryptoJS.mode.ECB,       padding: CryptoJS.pad.Pkcs7,     });      return encrypted.ciphertext.toString(CryptoJS.enc.Hex).toUpperCase();   } catch (error) {     console.error("Encryption error:", error);     throw error;   } }  async function createTemporaryPassword({   deviceId,   name,   password,   effectiveTime,   invalidTime,   phone,   timeZone = "+01:00",   bookingId = null, }) {   try {     const ticketResponse = await getPasswordTicket(deviceId);      const encryptedPassword = await encryptPassword(       password,       ticketResponse.result.ticket_key     );     console.log("Encrypted Password:", encryptedPassword);      const requestBody = {       name,       password: encryptedPassword,       password_type: "ticket",       ticket_id: ticketResponse.result.ticket_id,       effective_time: effectiveTime,       invalid_time: invalidTime,       time_zone: timeZone,       type: 0,     };      if (phone) requestBody.phone = phone;      const response = await tuya.request({       method: "POST",       path: `/v1.0/devices/${deviceId}/door-lock/temp-password`,       body: requestBody,     });      if (bookingId && response.success) {       // Find the booking first       const booking = await Booking.findById(bookingId);        if (booking) {         // Check if the device exists in tuya_lock array         const lockIndex = booking.tuya_lock.findIndex(           (lock) => lock.device_id === deviceId         );          if (lockIndex >= 0) {           // Device exists, update its passwords           await Booking.findOneAndUpdate(             { _id: bookingId, "tuya_lock.device_id": deviceId },             {               $push: {                 "tuya_lock.$.passwords": {                   name,                   effectiveTime,                   invalidTime,                   code: password,                   code_id: response.result.id.toString(),                 },               },             },             { new: true }           );         } else {           // Device doesn't exist, add new device to array           await Booking.findByIdAndUpdate(             bookingId,             {               $push: {                 tuya_lock: {                   device_id: deviceId,                   passwords: [                     {                       name,                       effectiveTime,                       invalidTime,                       code: password,                       code_id: response.result.id.toString(),                     },                   ],                 },               },             },             { new: true }           );         }       }     }      return response;   } catch (error) {     console.error("Error creating temporary password:", error);     throw error;   } }

The API call returns a success response and I can verify the password is created because:

It appears in the Tuya app's password list

Attempting to create the same password via app returns "lock pwd repeat" error

Despite successful API response and password creation, the password fails verification at the physical lock (error: "verify failed"). The same password creation flow works when done through Tuya's app.

Questions:

Are there additional API endpoints I need to call after password creation to sync with the physical lock?

Is there a specific format or encryption required for the password parameter that isn't documented?

Does anyone have a working example of creating a verified temporary password via their API?

I've reviewed the API documentation (https://developer.tuya.com/en/docs/clou ... gsgd4cgysr) but couldn't find any additional required steps

Lock details:

Model category: jtmspro

API version: v1.0

Since the reporting from the device is uncontrollable, the device interface is asynchronous. A successful interface call merely indicates that the process of creating the password has been triggered. Whether the password is successfully created depends on the status reported by the device.

There are a few questions we need to clarify so that I can better understand where the issue lies:

What protocol does the device use, Bluetooth or Wi-Fi?
After a certain period, does the password remain, or is it deleted after a timeout?

It is a wifi lock. And no, the password does not disappear. It still remains. In fact, the password name becomes highlighted in green on the app (with this badge - Active, in use)

If everything appears normal, then I suspect there might be an issue with the device or the interaction process. Please trigger it again, and then find the virtual ID in the device information and send it to me.

I have triggered it again. Here is what I received from Tuya:

Code: Select all

{
  "success": true,
  "data": {
    "result": {
      "id": 420764214
    },
    "success": true,
    "t": 1736236699540,
    "tid": "28a4835acccd11efa76ab217c6c149bc"
  }
}

And here is the device details:

Code: Select all

{
      "active_time": 1735419834,
      "bind_space_id": "217343607",
      "category": "jtmspro",
      "create_time": 1735419834,
      "custom_name": null,
      "icon": "https://images.tuyaeu.com/smart/program_category_icon/jtmspro.png",
      "id": "bf827915baaa5789a5le7b",
      "ip": "79.101.155.134",
      "is_online": true,
      "lat": "0",
      "local_key": "OTU?R)}Mw3r=Yk(;",
      "lon": "0",
      "model": "",
      "name": "Wifi猫眼门锁JTF(WBRU)",
      "product_id": "1p05lrx6swpmwi9p",
      "product_name": "Wifi猫眼门锁JTF(WBRU)",
      "sub": false,
      "time_zone": "+01:00",
      "update_time": 1735463386,
      "uuid": "4c63f6df41262e57",
      "battery_percentage": 90
    }

The device id is bf827915baaa5789a5le7b

Thanks.

This device is a non-persistent Wi-Fi lock, so when adding a password, the device needs to synchronize. I did not see any synchronization data from the device to the cloud in the history records, nor did I see any information about the app creating a temporary password. Please confirm whether this device is developed by yourself or if it is an already mature product. If it is a mature product, we need to check why the device has not synchronized with the cloud.

Tuya Developer Forum

Temp Password created via Cloud API not working

Temp Password created via Cloud API not working

Re: Temp Password created via Cloud API not working

Re: Temp Password created via Cloud API not working

Re: Temp Password created via Cloud API not working

Re: Temp Password created via Cloud API not working

Re: Temp Password created via Cloud API not working