1
0
mirror of https://github.com/s00500/ESPUI.git synced 2024-11-21 22:50:55 +00:00

#44 Adding Basic Auth

- Also authing websockets
- Implemented on begin and beginSpiffs
- Added notes to Gui example
This commit is contained in:
Lukas Bachschwell 2018-12-26 13:38:38 +01:00
parent f31575b50c
commit 7a10457f99
3 changed files with 90 additions and 10 deletions

View File

@ -157,11 +157,19 @@ void setup(void) {
/* /*
.begin loads and serves all files from PROGMEM directly. .begin loads and serves all files from PROGMEM directly.
If you want to serve the files from SPIFFS use .beginSPIFFS If you want to serve the files from SPIFFS use ESPUI.beginSPIFFS
(.prepareFileSystem has to be run in an empty sketch before) (.prepareFileSystem has to be run in an empty sketch before)
*/ */
dnsServer.start(DNS_PORT, "*", apIP); dnsServer.start(DNS_PORT, "*", apIP);
/*
* Optionally you can use HTTP BasicAuth. Keep in mind that this is NOT a
SECURE way of limiting access.
* Anyone who is able to sniff traffic will be able to intercept your password
since it is transmitted in cleartext ESPUI.begin("ESPUI Control", "myuser",
"mypassword");
*/
ESPUI.begin("ESPUI Control"); ESPUI.begin("ESPUI Control");
} }

View File

@ -649,6 +649,12 @@ void ESPUIClass::jsonDom(AsyncWebSocketClient *client) {
} }
void ESPUIClass::beginSPIFFS(const char *_title) { void ESPUIClass::beginSPIFFS(const char *_title) {
begin(_title, NULL, NULL);
basicAuth = false;
}
void ESPUIClass::beginSPIFFS(const char *_title, const char *username,
const char *password) {
ui_title = _title; ui_title = _title;
server = new AsyncWebServer(80); server = new AsyncWebServer(80);
ws = new AsyncWebSocket("/ws"); ws = new AsyncWebSocket("/ws");
@ -670,10 +676,28 @@ void ESPUIClass::beginSPIFFS(const char *_title) {
ws->onEvent(onWsEvent); ws->onEvent(onWsEvent);
server->addHandler(ws); server->addHandler(ws);
server->serveStatic("/", SPIFFS, "/").setDefaultFile("index.htm");
if (basicAuth && username != NULL && password != NULL) {
basicAuthPassword = password;
basicAuthUsername = username;
basicAuth = true;
ws->setAuthentication(this->basicAuthUsername, this->basicAuthPassword);
server->serveStatic("/", SPIFFS, "/")
.setDefaultFile("index.htm")
.setAuthentication(ESPUI.basicAuthUsername, ESPUI.basicAuthPassword);
} else if (basicAuth) {
Serial.println(
"Could not enable BasicAuth: Username or password are not set");
} else {
server->serveStatic("/", SPIFFS, "/").setDefaultFile("index.htm");
}
// Heap for general Servertest // Heap for general Servertest
server->on("/heap", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/heap", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
request->send(200, "text/plain", request->send(200, "text/plain",
String(ESP.getFreeHeap()) + " In SPIFFSmode"); String(ESP.getFreeHeap()) + " In SPIFFSmode");
}); });
@ -681,26 +705,49 @@ void ESPUIClass::beginSPIFFS(const char *_title) {
server->onNotFound( server->onNotFound(
[](AsyncWebServerRequest *request) { request->send(404); }); [](AsyncWebServerRequest *request) { request->send(404); });
server->on("/zepto.js", HTTP_GET, [](AsyncWebServerRequest *request) {
AsyncWebServerResponse *response = request->beginResponse_P(
200, "application/javascript", JS_ZEPTO_GZIP, sizeof(JS_ZEPTO_GZIP));
response->addHeader("Content-Encoding", "gzip");
request->send(response);
});
server->begin(); server->begin();
if (DEBUG_ESPUI) Serial.println("UI Initialized"); if (DEBUG_ESPUI) Serial.println("UI Initialized");
} }
void ESPUIClass::begin(const char *_title) { void ESPUIClass::begin(const char *_title) {
begin(_title, NULL, NULL);
basicAuth = false;
}
void ESPUIClass::begin(const char *_title, const char *username,
const char *password) {
if (basicAuth && username != NULL && password != NULL) {
basicAuthPassword = password;
basicAuthUsername = username;
basicAuth = true;
} else if (basicAuth) {
Serial.println(
"Could not enable BasicAuth: Username or password are not set");
}
ui_title = _title; ui_title = _title;
server = new AsyncWebServer(80); server = new AsyncWebServer(80);
ws = new AsyncWebSocket("/ws"); ws = new AsyncWebSocket("/ws");
ws->onEvent(onWsEvent); ws->onEvent(onWsEvent);
server->addHandler(ws); server->addHandler(ws);
if (basicAuth && username != NULL && password != NULL) {
basicAuthPassword = password;
basicAuthUsername = username;
basicAuth = true;
ws->setAuthentication(this->basicAuthUsername, this->basicAuthPassword);
} else if (basicAuth) {
Serial.println(
"Could not enable BasicAuth: Username or password are not set");
}
server->on("/", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = AsyncWebServerResponse *response =
request->beginResponse_P(200, "text/html", HTML_INDEX); request->beginResponse_P(200, "text/html", HTML_INDEX);
request->send(response); request->send(response);
@ -709,6 +756,9 @@ void ESPUIClass::begin(const char *_title) {
// Javascript files // Javascript files
server->on("/js/zepto.min.js", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/js/zepto.min.js", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = request->beginResponse_P( AsyncWebServerResponse *response = request->beginResponse_P(
200, "application/javascript", JS_ZEPTO_GZIP, sizeof(JS_ZEPTO_GZIP)); 200, "application/javascript", JS_ZEPTO_GZIP, sizeof(JS_ZEPTO_GZIP));
response->addHeader("Content-Encoding", "gzip"); response->addHeader("Content-Encoding", "gzip");
@ -716,6 +766,9 @@ void ESPUIClass::begin(const char *_title) {
}); });
server->on("/js/controls.js", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/js/controls.js", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = AsyncWebServerResponse *response =
request->beginResponse_P(200, "application/javascript", request->beginResponse_P(200, "application/javascript",
JS_CONTROLS_GZIP, sizeof(JS_CONTROLS_GZIP)); JS_CONTROLS_GZIP, sizeof(JS_CONTROLS_GZIP));
@ -724,6 +777,9 @@ void ESPUIClass::begin(const char *_title) {
}); });
server->on("/js/slider.js", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/js/slider.js", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = request->beginResponse_P( AsyncWebServerResponse *response = request->beginResponse_P(
200, "application/javascript", JS_SLIDER_GZIP, sizeof(JS_SLIDER_GZIP)); 200, "application/javascript", JS_SLIDER_GZIP, sizeof(JS_SLIDER_GZIP));
response->addHeader("Content-Encoding", "gzip"); response->addHeader("Content-Encoding", "gzip");
@ -733,6 +789,9 @@ void ESPUIClass::begin(const char *_title) {
// Stylesheets // Stylesheets
server->on("/css/style.css", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/css/style.css", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = request->beginResponse_P( AsyncWebServerResponse *response = request->beginResponse_P(
200, "text/css", CSS_STYLE_GZIP, sizeof(CSS_STYLE_GZIP)); 200, "text/css", CSS_STYLE_GZIP, sizeof(CSS_STYLE_GZIP));
response->addHeader("Content-Encoding", "gzip"); response->addHeader("Content-Encoding", "gzip");
@ -741,6 +800,9 @@ void ESPUIClass::begin(const char *_title) {
server->on( server->on(
"/css/normalize.css", HTTP_GET, [](AsyncWebServerRequest *request) { "/css/normalize.css", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
AsyncWebServerResponse *response = request->beginResponse_P( AsyncWebServerResponse *response = request->beginResponse_P(
200, "text/css", CSS_NORMALIZE_GZIP, sizeof(CSS_NORMALIZE_GZIP)); 200, "text/css", CSS_NORMALIZE_GZIP, sizeof(CSS_NORMALIZE_GZIP));
response->addHeader("Content-Encoding", "gzip"); response->addHeader("Content-Encoding", "gzip");
@ -749,6 +811,9 @@ void ESPUIClass::begin(const char *_title) {
// Heap for general Servertest // Heap for general Servertest
server->on("/heap", HTTP_GET, [](AsyncWebServerRequest *request) { server->on("/heap", HTTP_GET, [](AsyncWebServerRequest *request) {
if (ESPUI.basicAuth && !request->authenticate(ESPUI.basicAuthUsername,
ESPUI.basicAuthPassword))
return request->requestAuthentication();
request->send(200, "text/plain", request->send(200, "text/plain",
String(ESP.getFreeHeap()) + " In Memorymode"); String(ESP.getFreeHeap()) + " In Memorymode");
}); });

View File

@ -101,8 +101,12 @@ typedef struct Control {
class ESPUIClass { class ESPUIClass {
public: public:
void begin(const char *_title); // Setup servers and page in Memorymode void begin(const char *_title); // Setup servers and page in Memorymode
void begin(const char *_title, const char *username, const char *password);
void beginSPIFFS(const char *_title); // Setup servers and page in SPIFFSmode void beginSPIFFS(const char *_title); // Setup servers and page in SPIFFSmode
void beginSPIFFS(const char *_title, const char *username,
const char *password);
void prepareFileSystem(); // Initially preps the filesystem and loads a lot void prepareFileSystem(); // Initially preps the filesystem and loads a lot
// of stuff into SPIFFS // of stuff into SPIFFS
@ -160,6 +164,9 @@ class ESPUIClass {
bool labelExists(String label); bool labelExists(String label);
private: private:
const char *basicAuthUsername;
const char *basicAuthPassword;
bool basicAuth = true;
AsyncWebServer *server; AsyncWebServer *server;
AsyncWebSocket *ws; AsyncWebSocket *ws;
}; };