From 9e2efddfc93d5071c00f2ff7ac0aed7a0a1744c5 Mon Sep 17 00:00:00 2001 From: Siwat Sirichai Date: Sun, 3 Dec 2023 02:34:37 +0700 Subject: [PATCH] http authentication support --- src/espmega_iot_core.cpp | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/src/espmega_iot_core.cpp b/src/espmega_iot_core.cpp index ca29b47..3d4625d 100644 --- a/src/espmega_iot_core.cpp +++ b/src/espmega_iot_core.cpp @@ -38,6 +38,10 @@ char STATE_REQUEST_TOPIC[40]; bool MQTT_USE_AUTH = false; char MQTT_USERNAME[32]; char MQTT_PASSWORD[32]; +#ifdef ENABLE_WEBUI +char WEBUI_USERNAME[32]; +char WEBUI_PASSWORD[32]; +#endif uint8_t utc_offset = 7; #ifdef ENABLE_CLIMATE_MODULE float current_room_temp = 0; @@ -129,6 +133,8 @@ char DAC_VALUE_TOPIC[75]; #define EEPROM_ADDRESS_ADC_REPORT_STATE 187 // 8bytes, thru 194 #define EEPROM_ADDRESS_DAC_STATE 195 // 4bytes, thru 198 #define EEPROM_ADDRESS_DAC_VALUE 199 // 8bytes, thru 206 +#define EEPROM_ADDRESS_WEBUI_USERNAME 207 // 32bytes, thru 238 +#define EEPROM_ADDRESS_WEBUI_PASSWORD 239 // 32bytes, thru 270 char PWM_STATE_TOPIC[75]; char PWM_VALUE_TOPIC[75]; @@ -238,7 +244,10 @@ void loop() */ void eeprom_retrieve_init() { - + #ifdef ENABLE_WEBUI + ESPMega_FRAM.read(EEPROM_ADDRESS_WEBUI_USERNAME, (uint8_t *)WEBUI_USERNAME, 32); + ESPMega_FRAM.read(EEPROM_ADDRESS_WEBUI_PASSWORD, (uint8_t *)WEBUI_PASSWORD, 32); + #endif // EEPROM Data Retrival #ifdef ENABLE_CLIMATE_MODULE ac_mode = ESPMega_FRAM.read8(EEPROM_ADDRESS_AC_MODE); @@ -365,6 +374,8 @@ void ota_begin() { otaserver.on("/", HTTP_GET, []() { + if(!otaserver.authenticate(WEBUI_USERNAME, WEBUI_PASSWORD)) + return otaserver.requestAuthentication(); otaserver.sendHeader("Connection", "close"); String otabuffer = ota_part1; otabuffer+=ota_part2_1+"Hostname"+ota_part2_2+String(HOSTNAME)+ota_part2_3; @@ -382,6 +393,8 @@ void ota_begin() otaserver.send(200, "text/html", otabuffer); }); otaserver.on("/config", HTTP_GET, []() { + if(!otaserver.authenticate(WEBUI_USERNAME, WEBUI_PASSWORD)) + return otaserver.requestAuthentication(); otaserver.sendHeader("Connection", "close"); String configbuffer = config_part1; configbuffer+=config_txt_part1+"IP Address"+config_txt_part2+"text"+config_txt_part3+"dev_ip"+config_txt_part4+"dev_ip"+config_txt_part5+IP.toString()+config_txt_part6; @@ -395,11 +408,15 @@ void ota_begin() configbuffer+=config_txt_part1+"BMS Server - Username"+config_txt_part2+"text"+config_txt_part3+"bms_username"+config_txt_part4+"bms_username"+config_txt_part5+String(MQTT_USERNAME)+config_txt_part6; configbuffer+=config_txt_part1+"BMS Server - Password"+config_txt_part2+"password"+config_txt_part3+"bms_password"+config_txt_part4+"bms_password"+config_txt_part5+String(MQTT_PASSWORD)+config_txt_part6; configbuffer+=config_txt_part1+"BMS Server - Endpoint"+config_txt_part2+"text"+config_txt_part3+"bms_endpoint"+config_txt_part4+"bms_endpoint"+config_txt_part5+String(MQTT_BASE_TOPIC)+config_txt_part6; + configbuffer+=config_txt_part1+"WebUI Username"+config_txt_part2+"text"+config_txt_part3+"webui_username"+config_txt_part4+"webui_username"+config_txt_part5+String(WEBUI_USERNAME)+config_txt_part6; + configbuffer+=config_txt_part1+"WebUI Password"+config_txt_part2+"password"+config_txt_part3+"webui_password"+config_txt_part4+"webui_password"+config_txt_part5+String(WEBUI_PASSWORD)+config_txt_part6; configbuffer+=config_part2; otaserver.send(200, "text/html", configbuffer); }); otaserver.on("/save_config", HTTP_GET, []() { + if(!otaserver.authenticate(WEBUI_USERNAME, WEBUI_PASSWORD)) + return otaserver.requestAuthentication(); otaserver.sendHeader("Connection", "close"); String configbuffer = "Configuration Saved. Rebooting . . ."; otaserver.send(200, "text/html", configbuffer); @@ -432,6 +449,10 @@ void ota_begin() } else if(!arg.compareTo("bms_useauth")) { if(!value.compareTo("yes")) use_auth = true; + } else if(!arg.compareTo("webui_username")) { + ESPMega_FRAM.write(EEPROM_ADDRESS_WEBUI_USERNAME, (uint8_t *)value.c_str(), value.length()); + } else if(!arg.compareTo("webui_password")) { + ESPMega_FRAM.write(EEPROM_ADDRESS_WEBUI_PASSWORD, (uint8_t *)value.c_str(), value.length()); } } set_mqtt_useauth(use_auth); @@ -442,6 +463,8 @@ void ota_begin() otaserver.on( "/update", HTTP_POST, []() { + if(!otaserver.authenticate(WEBUI_USERNAME, WEBUI_PASSWORD)) + return otaserver.requestAuthentication(); otaserver.sendHeader("Connection", "close"); otaserver.send(200, "text/plain", (Update.hasError()) ? "FAIL" : "OK"); ESP.restart(); }, @@ -1789,6 +1812,18 @@ void set_mqtt_useauth(bool use_auth) ESPMega_FRAM.write8(EEPROM_ADDRESS_MQTT_USEAUTH, MQTT_USE_AUTH); } +void set_webui_username(String username) +{ + username.toCharArray(WEBUI_USERNAME, 32); + ESPMega_FRAM.write(EEPROM_ADDRESS_WEBUI_USERNAME, (uint8_t *)WEBUI_USERNAME, 32); +} + +void set_webui_password(String password) +{ + password.toCharArray(WEBUI_PASSWORD, 32); + ESPMega_FRAM.write(EEPROM_ADDRESS_WEBUI_PASSWORD, (uint8_t *)WEBUI_PASSWORD, 32); +} + /** * @brief Resets the device to factory default settings. * @@ -1824,6 +1859,9 @@ void factory_reset() set_ip("192.168.0.10"); set_gw("192.168.0.1"); set_netmask("255.255.255.0"); + set_webui_username("admin"); + set_webui_password("admin"); + // Reboot #ifdef ENABLE_INTERNAL_LCD lcd_send_stop_bit();