Card reuses old camera token, generates failed login attempts
Checklist:
- I updated to the latest version available
- I cleared the cache of my browser
Release with the issue: main
Last working release (if known):
Browser and Operating System:
Firefox 97.0, Ubuntu 20.04 HA Companion 2022.2, iOS 15.3.1
Description of problem:
There was a PR #372 which allows using an image from an HA camera entity. I really like this because now I don’t need to use reverse proxy -> Frigate for fetching snapshots, and with a frequently changing token it’s more secure than a fixed URL.
After testing this PR functionality with multiple Frigate cards in one view, I encountered an issue where HA bans my IP. I already got banned like 3 times in 2 days from Home Assistant with `http.ip_ban_enabled: true` and `http.login_attempts_threshold: 15` in HA main configuration.
It seems like when the camera token changes, the Frigate card will try to reuse the old token, which will cause failed login attempts. It’s happening occasionally so I couldn’t find a pattern, but failed attempts occur in both the Web browser and the HA Companion App.
Also, I investigated that sometimes if you restart your Home Assistant instance and keep Browser tab/tabs open with the Frigate card, it will try to refresh the image with the old camera token. In the Network tab of the browser Developer Tools there will be at least one request (sometimes more) with `404 Not Found` status code and `401 Unauthorized` (which causes a failed login attempt). After HA is fully started it will start to use the correct token again.
For now I switched back to my old image retrieving solution.
Javascript errors shown in the web inspector (if applicable):
Additional information:
Used `image` block in configuration:

```yaml
image:
  mode: camera
  refresh_seconds: 5
```
Issue Analytics
- Created 2 years ago
- Comments: 21 (11 by maintainers)
Top GitHub Comments
Yes, it was before.
Anyway, I didn’t notice them for the past few days.
@peledzius HA is extremely fragile in this regard, a single rogue request causes this to happen. It’s a bit like plugging a dam, so there absolutely could be other ways this could happen that we’ll need to defend against.
However, I guess we’ll take the win for now and we can re-open if we find a specific way to reproduce the issue. Thank you again, for all the testing.
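
The failure mode described in the issue, as an added example that is not part of the original thread or the card's code: a refresher that keeps reusing a cached image URL is compared with one that reads the token from current entity state on every tick and never resends a token that already drew a 401. The class names, the token values and the timeline are constructed; it assumes the camera entity exposes its token as the `access_token` attribute and that images are served from `/api/camera_proxy/<entity_id>?token=<token>`.

```javascript
// Added illustration, not frigate-hass-card code. Assumes the token is the entity's
// `access_token` attribute and images come from /api/camera_proxy/<entity_id>?token=<token>.
const proxyUrl = (id, token) =>
  `/api/camera_proxy/${id}?token=${encodeURIComponent(token)}`;

// Naive: build the URL once and reuse it on every refresh tick.
class CachedUrlRefresher {
  constructor(id) { this.id = id; this.url = null; }
  nextUrl(attrs) {
    if (!this.url && attrs && attrs.access_token) {
      this.url = proxyUrl(this.id, attrs.access_token);
    }
    return this.url;
  }
  record() {} // ignores responses, so a stale token is resent forever
}

// Hardened: read the token from current state on every tick and never
// resend a token the server has already answered with 401.
class StateTokenRefresher {
  constructor(id) { this.id = id; this.rejected = null; }
  nextUrl(attrs) {
    const token = attrs && attrs.access_token;
    if (!token || token === this.rejected) return null; // skip this tick
    return proxyUrl(this.id, token);
  }
  record(token, status) { if (status === 401) this.rejected = token; }
}

// Replay a constructed timeline: stateToken is what the frontend holds,
// serverToken is what the server accepts (null = server still restarting).
function count401(refresher, timeline) {
  let failures = 0;
  for (const { stateToken, serverToken } of timeline) {
    const url = refresher.nextUrl(stateToken ? { access_token: stateToken } : null);
    if (url === null) continue;
    const sent = decodeURIComponent(url.split('token=')[1]);
    const status = serverToken === null ? 404 : sent === serverToken ? 200 : 401;
    if (status === 401) failures++;
    refresher.record(sent, status);
  }
  return failures;
}

// Constructed sample: the token rotates and frontend state lags by 3 ticks.
const TIMELINE = [
  ...Array(2).fill({ stateToken: 'tok-A', serverToken: 'tok-A' }),
  ...Array(3).fill({ stateToken: 'tok-A', serverToken: 'tok-B' }),
  ...Array(20).fill({ stateToken: 'tok-B', serverToken: 'tok-B' }),
];
```

On this timeline the cached-URL refresher produces 23 unauthorized requests, past the `http.login_attempts_threshold: 15` quoted in the issue, while the state-driven refresher produces one.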