jeans/Tasmota
jeans/Tasmota
1
0
Fork 0
mirror of https://github.com/arendst/Tasmota.git synced 2025-07-27 12:46:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor web authentication

Browse Source 
Refactor web authentication
This commit is contained in:
Theo Arends 2021-01-08 14:10:34 +01:00
parent 07804ca01b
commit 4390fe03fe
1 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
tasmota/xdrv_01_webserver.ino
View File

@ -684,7 +684,7 @@ void WSContentSend_PD(const char* formatP, ...) // Content send snprintf_P ch
void WSContentStart_P(const char* title, bool auth) void WSContentStart_P(const char* title, bool auth)
{ {
if (auth && strlen(SettingsText(SET_WEBPWD)) && !Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) { if (auth && !WebAuthenticate()) {
return Webserver->requestAuthentication(); return Webserver->requestAuthentication();
} }
@ -2606,22 +2606,19 @@ void HandleHttpCommand(void)
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
if (strlen(SettingsText(SET_WEBPWD))) { if (!WebAuthenticate()) {
//Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters // Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
if (!Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) { char tmp1[33];
char tmp1[33]; WebGetArg("user", tmp1, sizeof(tmp1));
WebGetArg("user", tmp1, sizeof(tmp1)); char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1];
char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1]; WebGetArg("password", tmp2, sizeof(tmp2));
WebGetArg("password", tmp2, sizeof(tmp2));
if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) {
{ WSContentBegin(401, CT_JSON);
WSContentBegin(401, CT_JSON); WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}")); WSContentEnd();
WSContentEnd(); return;
return; }
}
}
} }
WSContentBegin(200, CT_JSON); WSContentBegin(200, CT_JSON);