jeans/Tasmota
jeans/Tasmota
1
0
Fork 0
mirror of https://github.com/arendst/Tasmota.git synced 2025-07-27 04:36:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor web authentication

Browse Source 
Refactor web authentication
This commit is contained in:
Theo Arends 2021-01-08 14:10:34 +01:00
parent 07804ca01b
commit 4390fe03fe
1 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tasmota/xdrv_01_webserver.ino
View File

@ -684,7 +684,7 @@ void WSContentSend_PD(const char* formatP, ...) // Content send snprintf_P ch
void WSContentStart_P(const char* title, bool auth) void WSContentStart_P(const char* title, bool auth)
{ {
if (auth && strlen(SettingsText(SET_WEBPWD)) && !Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) { if (auth && !WebAuthenticate()) {
return Webserver->requestAuthentication(); return Webserver->requestAuthentication();
} }
@ -2606,23 +2606,20 @@ void HandleHttpCommand(void)
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
if (strlen(SettingsText(SET_WEBPWD))) { if (!WebAuthenticate()) {
// Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters // Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
if (!Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) {
char tmp1[33]; char tmp1[33];
WebGetArg("user", tmp1, sizeof(tmp1)); WebGetArg("user", tmp1, sizeof(tmp1));
char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1]; char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1];
WebGetArg("password", tmp2, sizeof(tmp2)); WebGetArg("password", tmp2, sizeof(tmp2));
if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) {
{
WSContentBegin(401, CT_JSON); WSContentBegin(401, CT_JSON);
WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}")); WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
WSContentEnd(); WSContentEnd();
return; return;
} }
} }
}
WSContentBegin(200, CT_JSON); WSContentBegin(200, CT_JSON);
String svalue = Webserver->arg("cmnd"); String svalue = Webserver->arg("cmnd");