add basic auth filter

jomjol · Mar 25, 2023 · 349e312 · 349e312
1 parent 727b871
commit 349e312
Show file tree

Hide file tree

Showing 13 changed files with 187 additions and 44 deletions.
diff --git a/code/components/jomjol_controlGPIO/server_GPIO.cpp b/code/components/jomjol_controlGPIO/server_GPIO.cpp
@@ -27,6 +27,8 @@
 #endif //ENABLE_MQTT
 
 
+#include "basic_auth.h"
+
 static const char *TAG = "GPIO";
 QueueHandle_t gpio_queue_handle = NULL;
 
@@ -459,7 +461,7 @@ void GpioHandler::registerGpioUri()
     httpd_uri_t camuri = { };
     camuri.method    = HTTP_GET;
     camuri.uri       = "/GPIO";
-    camuri.handler   = callHandleHttpRequest;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(callHandleHttpRequest);
     camuri.user_ctx  = (void*)this;    
     httpd_register_uri_handler(_httpServer, &camuri);
 }

diff --git a/code/components/jomjol_controlcamera/server_camera.cpp b/code/components/jomjol_controlcamera/server_camera.cpp
@@ -9,6 +9,8 @@
 #include "ClassLogFile.h"
 #include "esp_log.h"
 
+#include "basic_auth.h"
+
 #include "../../include/defines.h"
 
 static const char *TAG = "server_cam";
@@ -264,27 +266,27 @@ void register_server_camera_uri(httpd_handle_t server)
     camuri.method    = HTTP_GET;
 
     camuri.uri       = "/lighton";
-    camuri.handler   = handler_lightOn;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_lightOn);
     camuri.user_ctx  = (void*) "Light On";    
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/lightoff";
-    camuri.handler   = handler_lightOff;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_lightOff);
     camuri.user_ctx  = (void*) "Light Off"; 
     httpd_register_uri_handler(server, &camuri);    
 
     camuri.uri       = "/capture";
-    camuri.handler   = handler_capture;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_capture);
     camuri.user_ctx  = NULL; 
     httpd_register_uri_handler(server, &camuri);      
 
     camuri.uri       = "/capture_with_flashlight";
-    camuri.handler   = handler_capture_with_light;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_capture_with_light);
     camuri.user_ctx  = NULL; 
     httpd_register_uri_handler(server, &camuri);  
 
     camuri.uri       = "/save";
-    camuri.handler   = handler_capture_save_to_file;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_capture_save_to_file);
     camuri.user_ctx  = NULL; 
     httpd_register_uri_handler(server, &camuri);    
 }
diff --git a/code/components/jomjol_fileserver_ota/server_file.cpp b/code/components/jomjol_fileserver_ota/server_file.cpp
@@ -47,6 +47,7 @@ extern "C" {
 #include "Helper.h"
 #include "miniz.h"
 
+#include "basic_auth.h"
 
 static const char *TAG = "OTA FILE";
 
@@ -1155,7 +1156,7 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_download = {
         .uri       = "/fileserver*",  // Match all URIs of type /path/to/file
         .method    = HTTP_GET,
-        .handler   = download_get_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(download_get_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_download);
@@ -1164,7 +1165,7 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_datafileact = {
         .uri       = "/datafileact",  // Match all URIs of type /path/to/file
         .method    = HTTP_GET,
-        .handler   = datafileact_get_full_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(datafileact_get_full_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_datafileact);
@@ -1173,15 +1174,15 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_datafile_last_part_handle = {
         .uri       = "/data",  // Match all URIs of type /path/to/file
         .method    = HTTP_GET,
-        .handler   = datafileact_get_last_part_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(datafileact_get_last_part_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_datafile_last_part_handle);
 
     httpd_uri_t file_logfileact = {
         .uri       = "/logfileact",  // Match all URIs of type /path/to/file
         .method    = HTTP_GET,
-        .handler   = logfileact_get_full_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(logfileact_get_full_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_logfileact);
@@ -1190,7 +1191,7 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_logfile_last_part_handle = {
         .uri       = "/log",  // Match all URIs of type /path/to/file
         .method    = HTTP_GET,
-        .handler   = logfileact_get_last_part_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(logfileact_get_last_part_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_logfile_last_part_handle);
@@ -1200,7 +1201,7 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_upload = {
         .uri       = "/upload/*",   // Match all URIs of type /upload/path/to/file
         .method    = HTTP_POST,
-        .handler   = upload_post_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(upload_post_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_upload);
@@ -1209,7 +1210,7 @@ void register_server_file_uri(httpd_handle_t server, const char *base_path)
     httpd_uri_t file_delete = {
         .uri       = "/delete/*",   // Match all URIs of type /delete/path/to/file
         .method    = HTTP_POST,
-        .handler   = delete_post_handler,
+        .handler   = APPLY_BASIC_AUTH_FILTER(delete_post_handler),
         .user_ctx  = server_data    // Pass server data as context
     };
     httpd_register_uri_handler(server, &file_delete);

diff --git a/code/components/jomjol_fileserver_ota/server_ota.cpp b/code/components/jomjol_fileserver_ota/server_ota.cpp
@@ -40,8 +40,10 @@
 
 #include "Helper.h"
 #include "statusled.h"
+#include "basic_auth.h"
 #include "../../include/defines.h"
 
+
 /*an ota data write buffer ready to write to the flash*/
 static char ota_write_data[SERVER_OTA_SCRATCH_BUFSIZE + 1] = { 0 };
 
@@ -682,13 +684,13 @@ void register_server_ota_sdcard_uri(httpd_handle_t server)
     httpd_uri_t camuri = { };
     camuri.method    = HTTP_GET;
     camuri.uri       = "/ota";
-    camuri.handler   = handler_ota_update;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_ota_update);
     camuri.user_ctx  = (void*) "Do OTA";    
     httpd_register_uri_handler(server, &camuri);
 
     camuri.method    = HTTP_GET;
     camuri.uri       = "/reboot";
-    camuri.handler   = handler_reboot;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_reboot);
     camuri.user_ctx  = (void*) "Reboot";    
     httpd_register_uri_handler(server, &camuri);
 

diff --git a/code/components/jomjol_mqtt/server_mqtt.cpp b/code/components/jomjol_mqtt/server_mqtt.cpp
@@ -12,6 +12,7 @@
 #include "interface_mqtt.h"
 #include "time_sntp.h"
 #include "../../include/defines.h"
+#include "basic_auth.h"
 
 
 
@@ -308,7 +309,7 @@ void register_server_mqtt_uri(httpd_handle_t server) {
     uri.method    = HTTP_GET;
 
     uri.uri       = "/mqtt_publish_discovery";
-    uri.handler   = scheduleSendingDiscovery_and_static_Topics;
+    uri.handler   = APPLY_BASIC_AUTH_FILTER(scheduleSendingDiscovery_and_static_Topics);
     uri.user_ctx  = (void*) "";    
     httpd_register_uri_handler(server, &uri); 
 }

diff --git a/code/components/jomjol_tfliteclass/server_tflite.cpp b/code/components/jomjol_tfliteclass/server_tflite.cpp
@@ -28,6 +28,9 @@
 #include "psram.h"
 
 
+#include "basic_auth.h"
+
+
 ClassFlowControll tfliteflow;
 
 TaskHandle_t xHandletask_autodoFlow = NULL;
@@ -983,92 +986,91 @@ void register_server_tflite_uri(httpd_handle_t server)
     camuri.method    = HTTP_GET;
 
     camuri.uri       = "/doinit";
-    camuri.handler   = handler_init;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_init);
     camuri.user_ctx  = (void*) "Light On";    
     httpd_register_uri_handler(server, &camuri);
 
     // Legacy API => New: "/setPreValue"
     camuri.uri       = "/setPreValue.html";
-    camuri.handler   = handler_prevalue;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_prevalue);
     camuri.user_ctx  = (void*) "Prevalue";    
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/setPreValue";
-    camuri.handler   = handler_prevalue;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_prevalue);
     camuri.user_ctx  = (void*) "Prevalue";    
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/flow_start";
-    camuri.handler   = handler_flow_start;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_flow_start);
     camuri.user_ctx  = (void*) "Flow Start"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/statusflow.html";
-    camuri.handler   = handler_statusflow;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_statusflow);
     camuri.user_ctx  = (void*) "Light Off"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/statusflow";
-    camuri.handler   = handler_statusflow;
-    camuri.user_ctx  = (void*) "Light Off";
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_statusflow);
+    camuri.user_ctx  = (void*) "Light Off"; 
     httpd_register_uri_handler(server, &camuri);
 
     // Legacy API => New: "/cpu_temperature"
     camuri.uri       = "/cputemp.html";
-    camuri.handler   = handler_cputemp;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_cputemp);
     camuri.user_ctx  = (void*) "Light Off";
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/cpu_temperature";
-    camuri.handler   = handler_cputemp;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_cputemp);
     camuri.user_ctx  = (void*) "Light Off"; 
     httpd_register_uri_handler(server, &camuri);
 
     // Legacy API => New: "/rssi"
     camuri.uri       = "/rssi.html";
-    camuri.handler   = handler_rssi;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_rssi);
     camuri.user_ctx  = (void*) "Light Off"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/rssi";
-    camuri.handler   = handler_rssi;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_rssi);
     camuri.user_ctx  = (void*) "Light Off";
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/uptime";
-    camuri.handler   = handler_uptime;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_uptime);
     camuri.user_ctx  = (void*) "Light Off";
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/editflow";
-    camuri.handler   = handler_editflow;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_editflow);
     camuri.user_ctx  = (void*) "EditFlow"; 
     httpd_register_uri_handler(server, &camuri);   
 
     // Legacy API => New: "/value"
     camuri.uri       = "/value.html";
-    camuri.handler   = handler_wasserzaehler;
-    camuri.user_ctx  = (void*) "Value";
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_wasserzaehler);
+    camuri.user_ctx  = (void*) "Value"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/value";
-    camuri.handler   = handler_wasserzaehler;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_wasserzaehler);
     camuri.user_ctx  = (void*) "Value"; 
     httpd_register_uri_handler(server, &camuri);
 
-    // Legacy API => New: "/value"
     camuri.uri       = "/wasserzaehler.html";
-    camuri.handler   = handler_wasserzaehler;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_wasserzaehler);
     camuri.user_ctx  = (void*) "Wasserzaehler"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/json";
-    camuri.handler   = handler_json;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_json);
     camuri.user_ctx  = (void*) "JSON"; 
     httpd_register_uri_handler(server, &camuri);
 
     camuri.uri       = "/heap";
-    camuri.handler   = handler_get_heap;
+    camuri.handler   = APPLY_BASIC_AUTH_FILTER(handler_get_heap);
     camuri.user_ctx  = (void*) "Heap"; 
     httpd_register_uri_handler(server, &camuri);
 }
diff --git a/code/components/jomjol_wlan/read_wlanini.cpp b/code/components/jomjol_wlan/read_wlanini.cpp
@@ -157,8 +157,22 @@ int LoadWlanFromFile(std::string fn)
             #endif
         }
 
-        /* read next line */
-        if (fgets(zw, sizeof(zw), pFile) == NULL) {
+        if ((splitted.size() > 1) && (toUpper(splitted[0]) == "HTTP_USERNAME")){
+            http_username = splitted[1];
+            if ((http_username[0] == '"') && (http_username[http_username.length()-1] == '"')){
+                http_username = http_username.substr(1, http_username.length()-2);
+            }
+        }
+
+        if ((splitted.size() > 1) && (toUpper(splitted[0]) == "HTTP_PASSWORD")){
+            http_password = splitted[1];
+            if ((http_password[0] == '"') && (http_password[http_password.length()-1] == '"')){
+                http_password = http_password.substr(1, http_password.length()-2);
+            }
+        }
+
+        if (fgets(zw, 1024, pFile) == NULL)
+        {
             line = "";
         }
         else {

diff --git a/code/dependencies.lock b/code/dependencies.lock
@@ -1,3 +1,3 @@
-manifest_hash: 4e37bb0f9273c4de05f38688720fe32aa6e5b892452694a4f7a2ca1659f02cf6
+manifest_hash: 63f5c6c9f0bcebc7b9ca12d2aa8b26b2c5f5218d377dc4b2375d9b9ca1df7815
 target: esp32
 version: 1.0.0
diff --git a/code/include/basic_auth.h b/code/include/basic_auth.h
@@ -0,0 +1,10 @@
+#ifndef BASIC_AUTH_H
+#define BASIC_AUTH_H
+
+#include <esp_http_server.h>
+
+void init_basic_auth(char *username, char *password);
+esp_err_t basic_auth_request_filter(httpd_req_t *req, esp_err_t original_handler(httpd_req_t *));
+
+#define APPLY_BASIC_AUTH_FILTER(method) [](httpd_req_t *req){ return basic_auth_request_filter(req, method); }
+#endif