Mirrors/OpenDTU
2
0
Fork 0
mirror of https://github.com/tbnobody/OpenDTU.git synced 2026-03-31 06:17:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Introduce configuration option to decide wether the web ui is accessable without password or not

Browse Source
This commit is contained in:
Thomas Basler
2022-11-22 23:32:52 +01:00
parent a06a8fec3d
commit 4bdbcbccc5
7 changed files with 33 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/WebApi_security.cpp
View File

@@ -15,8 +15,8 @@ void WebApiSecurityClass::init(AsyncWebServer* server)
_server = server;
_server->on("/api/security/password", HTTP_GET, std::bind(&WebApiSecurityClass::onPasswordGet, this, _1));
_server->on("/api/security/password", HTTP_POST, std::bind(&WebApiSecurityClass::onPasswordPost, this, _1));
_server->on("/api/security/config", HTTP_GET, std::bind(&WebApiSecurityClass::onSecurityGet, this, _1));
_server->on("/api/security/config", HTTP_POST, std::bind(&WebApiSecurityClass::onSecurityPost, this, _1));
_server->on("/api/security/authenticate", HTTP_GET, std::bind(&WebApiSecurityClass::onAuthenticateGet, this, _1));
}
@@ -24,7 +24,7 @@ void WebApiSecurityClass::loop()
{
}
void WebApiSecurityClass::onPasswordGet(AsyncWebServerRequest* request)
void WebApiSecurityClass::onSecurityGet(AsyncWebServerRequest* request)
{
if (!WebApi.checkCredentials(request)) {
return;
@@ -35,12 +35,13 @@ void WebApiSecurityClass::onPasswordGet(AsyncWebServerRequest* request)
const CONFIG_T& config = Configuration.get();
root[F("password")] = config.Security_Password;
root[F("allow_readonly")] = config.Security_AllowReadonly;
response->setLength();
request->send(response);
}
void WebApiSecurityClass::onPasswordPost(AsyncWebServerRequest* request)
void WebApiSecurityClass::onSecurityPost(AsyncWebServerRequest* request)
{
if (!WebApi.checkCredentials(request)) {
return;
@@ -76,7 +77,8 @@ void WebApiSecurityClass::onPasswordPost(AsyncWebServerRequest* request)
return;
}
if (!root.containsKey("password")) {
if (!root.containsKey("password")
&& root.containsKey("allow_readonly")) {
retMsg[F("message")] = F("Values are missing!");
response->setLength();
request->send(response);
@@ -92,6 +94,7 @@ void WebApiSecurityClass::onPasswordPost(AsyncWebServerRequest* request)
CONFIG_T& config = Configuration.get();
strlcpy(config.Security_Password, root[F("password")].as<String>().c_str(), sizeof(config.Security_Password));
config.Security_AllowReadonly = root[F("allow_readonly")].as<bool>();
Configuration.write();
retMsg[F("type")] = F("success");