From 28bfb28ff62f9caaf8b3cbd02f851afc3928395b Mon Sep 17 00:00:00 2001 From: Ray Jones Date: Wed, 22 Apr 2020 16:42:24 +1000 Subject: [PATCH] Adding web authorisation --- src/Afterburner.cpp | 2 +- src/Utility/NVStorage.cpp | 4 ++++ src/Utility/NVStorage.h | 6 ++++++ src/WiFi/BTCWebServer.cpp | 8 ++++++++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/src/Afterburner.cpp b/src/Afterburner.cpp index 9ec3163..7962fe6 100644 --- a/src/Afterburner.cpp +++ b/src/Afterburner.cpp @@ -1623,7 +1623,7 @@ void feedWatchdog() #if USE_SW_WATCHDOG == 1 && USE_JTAG == 0 // BEST NOT USE WATCHDOG WITH JTAG DEBUG :-) // DebugPort.printf("\r %ld Watchdog fed", millis()); - DebugPort.print("~"); + // DebugPort.print("~"); WatchdogTick = 1500; #else WatchdogTick = -1; diff --git a/src/Utility/NVStorage.cpp b/src/Utility/NVStorage.cpp index 5175b63..2191f6d 100644 --- a/src/Utility/NVStorage.cpp +++ b/src/Utility/NVStorage.cpp @@ -600,6 +600,8 @@ sCredentials::load() validatedLoad("APpassword", APpassword, 31, "thereisnospoon"); validatedLoad("webUpdateUser", webUpdateUsername, 31, "Afterburner"); validatedLoad("webUpdatePass", webUpdatePassword, 31, "BurnBabyBurn"); + validatedLoad("webUser", webUsername, 31, "Afterburner"); + validatedLoad("webPass", webPassword, 31, "WebAccess"); preferences.end(); } @@ -612,6 +614,8 @@ sCredentials::save() preferences.putString("APpassword", APpassword); preferences.putString("webUpdateUser", webUpdateUsername); preferences.putString("webUpdatePass", webUpdatePassword); + preferences.putString("webUser", webUsername); + preferences.putString("webPass", webPassword); preferences.end(); } diff --git a/src/Utility/NVStorage.h b/src/Utility/NVStorage.h index 490c2de..b902adb 100644 --- a/src/Utility/NVStorage.h +++ b/src/Utility/NVStorage.h @@ -235,11 +235,15 @@ struct sCredentials : public CESP32_NVStorage { char APpassword[32]; char webUpdateUsername[32]; char webUpdatePassword[32]; + char webUsername[32]; + char webPassword[32]; void init() { strcpy(APSSID, "Afterburner"); strcpy(APpassword, "thereisnospoon"); strcpy(webUpdateUsername, "Afterburner"); strcpy(webUpdatePassword, "BurnBabyBurn"); + strcpy(webUsername, "Afterburner"); + strcpy(webPassword, "WebAccess"); }; void load(); void save(); @@ -249,6 +253,8 @@ struct sCredentials : public CESP32_NVStorage { strcpy(APpassword, rhs.APpassword); strcpy(webUpdateUsername, rhs.webUpdateUsername); strcpy(webUpdatePassword, rhs.webUpdatePassword); + strcpy(webUsername, rhs.webUsername); + strcpy(webPassword, rhs.webPassword); return *this; } }; diff --git a/src/WiFi/BTCWebServer.cpp b/src/WiFi/BTCWebServer.cpp index 53f1d10..70d987c 100644 --- a/src/WiFi/BTCWebServer.cpp +++ b/src/WiFi/BTCWebServer.cpp @@ -177,6 +177,14 @@ String getContentType(String filename) { // convert the file extension to the MI bool handleFileRead(String path) { // send the right file to the client (if it exists) DebugPort.println("handleFileRead: " + path); if (path.endsWith("/")) path += "index.html"; // If a folder is requested, send the index file + if(path.indexOf("index.html") >= 0) { + sCredentials creds = NVstore.getCredentials(); + if (!server.authenticate(creds.webUsername, creds.webPassword)) { + server.requestAuthentication(); + return true; // not entirely correct, but avoids 404 response + } + } + path.replace("%20", " "); // convert HTML spaces to normal spaces String contentType = getContentType(path); // Get the MIME type String pathWithGz = path + ".gz";