6.2.1.5 Add web authentication

Add authentication to HTTP web pages
Theo Arends 2018-09-21 11:15:42 +02:00
parent 3474ccae74
commit 415ed97dab
6 changed files with 56 additions and 80 deletions


@ -1,4 +1,7 @@
/* 6.2.1.4 20180916 /* 6.2.1.5 20180921
* Add authentication to HTTP web pages
*
* 6.2.1.4 20180916
* Add command SerialSend5 to send raw serial data like "A5074100545293" * Add command SerialSend5 to send raw serial data like "A5074100545293"
* Update MCP230xx driver * Update MCP230xx driver
* Update Czech translation * Update Czech translation


@ -20,7 +20,7 @@
#ifndef _SONOFF_VERSION_H_ #ifndef _SONOFF_VERSION_H_
#define _SONOFF_VERSION_H_ #define _SONOFF_VERSION_H_
#define VERSION 0x06020104 #define VERSION 0x06020105
#define D_PROGRAMNAME "Sonoff-Tasmota" #define D_PROGRAMNAME "Sonoff-Tasmota"
#define D_AUTHOR "Theo Arends" #define D_AUTHOR "Theo Arends"


@ -29,8 +29,6 @@
uint8_t *efm8bb1_update = NULL; uint8_t *efm8bb1_update = NULL;
#endif // USE_RF_FLASH #endif // USE_RF_FLASH
#define D_TASMOTA_TOKEN "Tasmota-Token"
enum UploadTypes { UPL_TASMOTA, UPL_SETTINGS, UPL_EFM8BB1 }; enum UploadTypes { UPL_TASMOTA, UPL_SETTINGS, UPL_EFM8BB1 };
const char HTTP_HEAD[] PROGMEM = const char HTTP_HEAD[] PROGMEM =
@ -58,17 +56,13 @@ const char HTTP_HEAD[] PROGMEM =
"eb('s1').value=l.innerText||l.textContent;" "eb('s1').value=l.innerText||l.textContent;"
"eb('p1').focus();" "eb('p1').focus();"
"}" "}"
"function lx(){" "function la(p){"
"if(to==1){" "var a='';"
"if(tp<30){" "if(la.arguments.length==1){"
"tp++;" "a=p;"
"lt=setTimeout(lx,33);" // Wait for token from server "clearTimeout(lt);"
"}else{"
"lt=setTimeout(la,1355);" // Discard action and retry
"}"
"return;"
"}" "}"
"if(x!=null){x.abort();}" // Abort if no response within 2 seconds (happens on restart 1) "if(x!=null){x.abort();}" // Abort if no response within 2 seconds (happens on restart 1)
"x=new XMLHttpRequest();" "x=new XMLHttpRequest();"
"x.onreadystatechange=function(){" "x.onreadystatechange=function(){"
"if(x.readyState==4&&x.status==200){" "if(x.readyState==4&&x.status==200){"
@ -76,32 +70,15 @@ const char HTTP_HEAD[] PROGMEM =
"eb('l1').innerHTML=s;" "eb('l1').innerHTML=s;"
"}" "}"
"};" "};"
"x.open('GET','ay'+pc,true);" // Async request "x.open('GET','ay'+a,true);"
"x.setRequestHeader('" D_TASMOTA_TOKEN "',to);" "x.send();"
"x.send();" // Perform command if available and get updated information "lt=setTimeout(la,2345);"
"pc='';"
"lt=setTimeout(la,2345-(tp*33));"
"}"
"function la(p){"
"if(la.arguments.length==1){"
"pc='?'+p;"
"clearTimeout(lt);"
"}else{pc='';}"
"to=1;tp=0;"
"if(x!=null){x.abort();}" // Abort if no response within 2 seconds (happens on restart 1)
"x=new XMLHttpRequest();"
"x.onreadystatechange=function(){"
"if(x.readyState==4&&x.status==200){to=x.getResponseHeader('" D_TASMOTA_TOKEN "');}else{to=1;}"
"};"
"x.open('GET','az',true);" // Async request
"x.send();" // Get token from server
"lx();"
"}" "}"
"function lb(p){" "function lb(p){"
"la('d='+p);" "la('?d='+p);"
"}" "}"
"function lc(p){" "function lc(p){"
"la('c='+p);" "la('?t='+p);"
"}"; "}";
const char HTTP_HEAD_STYLE[] PROGMEM = const char HTTP_HEAD_STYLE[] PROGMEM =
@ -340,7 +317,7 @@ const char HTTP_END[] PROGMEM =
"</body>" "</body>"
"</html>"; "</html>";
const char HTTP_DEVICE_CONTROL[] PROGMEM = "<td style='width:%d%%'><button onclick='la(\"o=%d\");'>%s%s</button></td>"; const char HTTP_DEVICE_CONTROL[] PROGMEM = "<td style='width:%d%%'><button onclick='la(\"?o=%d\");'>%s%s</button></td>";
const char HTTP_DEVICE_STATE[] PROGMEM = "%s<td style='width:%d{c}%s;font-size:%dpx'>%s</div></td>"; // {c} = %'><div style='text-align:center;font-weight: const char HTTP_DEVICE_STATE[] PROGMEM = "%s<td style='width:%d{c}%s;font-size:%dpx'>%s</div></td>"; // {c} = %'><div style='text-align:center;font-weight:
const char HDR_CTYPE_PLAIN[] PROGMEM = "text/plain"; const char HDR_CTYPE_PLAIN[] PROGMEM = "text/plain";
@ -349,8 +326,6 @@ const char HDR_CTYPE_XML[] PROGMEM = "text/xml";
const char HDR_CTYPE_JSON[] PROGMEM = "application/json"; const char HDR_CTYPE_JSON[] PROGMEM = "application/json";
const char HDR_CTYPE_STREAM[] PROGMEM = "application/octet-stream"; const char HDR_CTYPE_STREAM[] PROGMEM = "application/octet-stream";
const char HDR_TASMOTA_TOKEN[] PROGMEM = D_TASMOTA_TOKEN;
#define DNS_PORT 53 #define DNS_PORT 53
enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER}; enum HttpOptions {HTTP_OFF, HTTP_USER, HTTP_ADMIN, HTTP_MANAGER};
@ -366,7 +341,6 @@ uint8_t upload_progress_dot_count;
uint8_t config_block_count = 0; uint8_t config_block_count = 0;
uint8_t config_xor_on = 0; uint8_t config_xor_on = 0;
uint8_t config_xor_on_set = CONFIG_FILE_XOR; uint8_t config_xor_on_set = CONFIG_FILE_XOR;
long ajax_token = 1;
// Helper function to avoid code duplication (saves 4k Flash) // Helper function to avoid code duplication (saves 4k Flash)
static void WebGetArg(const char* arg, char* out, size_t max) static void WebGetArg(const char* arg, char* out, size_t max)
@ -400,11 +374,10 @@ void StartWebserver(int type, IPAddress ipweb)
WebServer->on("/up", HandleUpgradeFirmware); WebServer->on("/up", HandleUpgradeFirmware);
WebServer->on("/u1", HandleUpgradeFirmwareStart); // OTA WebServer->on("/u1", HandleUpgradeFirmwareStart); // OTA
WebServer->on("/u2", HTTP_POST, HandleUploadDone, HandleUploadLoop); WebServer->on("/u2", HTTP_POST, HandleUploadDone, HandleUploadLoop);
WebServer->on("/u2", HTTP_OPTIONS, HandlePreflightRequest);
WebServer->on("/cs", HandleConsole); WebServer->on("/cs", HandleConsole);
WebServer->on("/ax", HandleAjaxConsoleRefresh); WebServer->on("/ax", HandleAjaxConsoleRefresh);
WebServer->on("/ay", HandleAjaxStatusRefresh); WebServer->on("/ay", HandleAjaxStatusRefresh);
WebServer->on("/az", HandleToken);
WebServer->on("/u2", HTTP_OPTIONS, HandlePreflightRequest);
WebServer->on("/cm", HandleHttpCommand); WebServer->on("/cm", HandleHttpCommand);
WebServer->on("/rb", HandleRestart); WebServer->on("/rb", HandleRestart);
#ifndef BE_MINIMAL #ifndef BE_MINIMAL
@ -509,6 +482,15 @@ void SetHeader()
#endif #endif
} }
bool WebAuthenticate(void)
{
if (Settings.web_password[0] != 0) {
return WebServer->authenticate(WEB_USERNAME, Settings.web_password);
} else {
return true;
}
}
void ShowPage(String &page, bool auth) void ShowPage(String &page, bool auth)
{ {
if (auth && (Settings.web_password[0] != 0) && !WebServer->authenticate(WEB_USERNAME, Settings.web_password)) { if (auth && (Settings.web_password[0] != 0) && !WebServer->authenticate(WEB_USERNAME, Settings.web_password)) {
@ -619,7 +601,7 @@ void HandleRoot()
if (idx > 0) { page += F("</tr><tr>"); } if (idx > 0) { page += F("</tr><tr>"); }
for (byte j = 0; j < 4; j++) { for (byte j = 0; j < 4; j++) {
idx++; idx++;
snprintf_P(mqtt_data, sizeof(mqtt_data), PSTR("<td style='width:25%'><button onclick='la(\"k=%d\");'>%d</button></td>"), idx, idx); snprintf_P(mqtt_data, sizeof(mqtt_data), PSTR("<td style='width:25%'><button onclick='la(\"?k=%d\");'>%d</button></td>"), idx, idx);
page += mqtt_data; page += mqtt_data;
} }
} }
@ -634,34 +616,13 @@ void HandleRoot()
} }
} }
void HandleToken()
{
char token[11];
ajax_token = random(2, 0x7FFFFFFF);
snprintf_P(token, sizeof(token), PSTR("%u"), ajax_token);
SetHeader();
WebServer->sendHeader(FPSTR(HDR_TASMOTA_TOKEN), token);
snprintf_P(token, sizeof(token), PSTR("%u"), random(0x7FFFFFFF));
WebServer->send(200, FPSTR(HDR_CTYPE_HTML), token);
const char* header_key[] = { D_TASMOTA_TOKEN };
WebServer->collectHeaders(header_key, 1);
}
void HandleAjaxStatusRefresh() void HandleAjaxStatusRefresh()
{ {
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char svalue[80]; char svalue[80];
char tmp[100]; char tmp[100];
if (WebServer->header(FPSTR(HDR_TASMOTA_TOKEN)).toInt() != ajax_token) {
snprintf_P(mqtt_data, sizeof(mqtt_data), PSTR(D_FILE_NOT_FOUND));
SetHeader();
WebServer->send(404, FPSTR(HDR_CTYPE_PLAIN), mqtt_data);
return;
}
ajax_token = 1;
WebGetArg("o", tmp, sizeof(tmp)); WebGetArg("o", tmp, sizeof(tmp));
if (strlen(tmp)) { if (strlen(tmp)) {
ShowWebSource(SRC_WEBGUI); ShowWebSource(SRC_WEBGUI);
@ -736,6 +697,7 @@ boolean HttpUser()
void HandleConfiguration() void HandleConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURATION); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURATION);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -759,6 +721,7 @@ void HandleConfiguration()
void HandleModuleConfiguration() void HandleModuleConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char stemp[20]; char stemp[20];
uint8_t midx; uint8_t midx;
@ -829,6 +792,7 @@ void HandleWifiConfiguration()
void HandleWifi(boolean scan) void HandleWifi(boolean scan)
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_WIFI); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_WIFI);
@ -925,6 +889,7 @@ void HandleWifi(boolean scan)
void HandleMqttConfiguration() void HandleMqttConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_MQTT); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_MQTT);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -948,6 +913,7 @@ void HandleMqttConfiguration()
void HandleLoggingConfiguration() void HandleLoggingConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_LOGGING); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_LOGGING);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -995,6 +961,7 @@ void HandleLoggingConfiguration()
void HandleOtherConfiguration() void HandleOtherConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_OTHER); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_OTHER);
char stemp[40]; char stemp[40];
@ -1032,6 +999,7 @@ void HandleOtherConfiguration()
void HandleBackupConfiguration() void HandleBackupConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_BACKUP_CONFIGURATION)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_BACKUP_CONFIGURATION));
if (!SettingsBufferAlloc()) { return; } if (!SettingsBufferAlloc()) { return; }
@ -1067,6 +1035,7 @@ void HandleBackupConfiguration()
void HandleSaveSettings() void HandleSaveSettings()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char stemp[TOPSZ]; char stemp[TOPSZ];
char stemp2[TOPSZ]; char stemp2[TOPSZ];
@ -1232,6 +1201,7 @@ void HandleSaveSettings()
void HandleResetConfiguration() void HandleResetConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char svalue[33]; char svalue[33];
@ -1252,6 +1222,7 @@ void HandleResetConfiguration()
void HandleRestoreConfiguration() void HandleRestoreConfiguration()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_RESTORE_CONFIGURATION); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_RESTORE_CONFIGURATION);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -1270,6 +1241,7 @@ void HandleRestoreConfiguration()
void HandleInformation() void HandleInformation()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_INFORMATION); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_INFORMATION);
char stopic[TOPSZ]; char stopic[TOPSZ];
@ -1386,6 +1358,7 @@ void HandleInformation()
void HandleUpgradeFirmware() void HandleUpgradeFirmware()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_FIRMWARE_UPGRADE); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_FIRMWARE_UPGRADE);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -1405,6 +1378,7 @@ void HandleUpgradeFirmware()
void HandleUpgradeFirmwareStart() void HandleUpgradeFirmwareStart()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char svalue[100]; char svalue[100];
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_UPGRADE_STARTED)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_UPGRADE_STARTED));
@ -1432,6 +1406,7 @@ void HandleUpgradeFirmwareStart()
void HandleUploadDone() void HandleUploadDone()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_UPLOAD_DONE)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_UPLOAD_DONE));
char error[100]; char error[100];
@ -1684,6 +1659,7 @@ void HandlePreflightRequest()
void HandleHttpCommand() void HandleHttpCommand()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
// if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char svalue[INPUT_BUFFER_SIZE]; // Large to serve Backlog char svalue[INPUT_BUFFER_SIZE]; // Large to serve Backlog
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND)); AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
@ -1741,6 +1717,7 @@ void HandleHttpCommand()
void HandleConsole() void HandleConsole()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONSOLE); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONSOLE);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
@ -1756,6 +1733,7 @@ void HandleConsole()
void HandleAjaxConsoleRefresh() void HandleAjaxConsoleRefresh()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
char svalue[INPUT_BUFFER_SIZE]; // Large to serve Backlog char svalue[INPUT_BUFFER_SIZE]; // Large to serve Backlog
byte cflg = 1; byte cflg = 1;
byte counter = 0; // Initial start, should never be 0 again byte counter = 0; // Initial start, should never be 0 again
@ -1812,6 +1790,7 @@ void HandleAjaxConsoleRefresh()
void HandleRestart() void HandleRestart()
{ {
if (HttpUser()) { return; } if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_RESTART); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_RESTART);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);
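Review bot: With the token handshake removed (hunks `@ -634,34 +616,13 @@` and `@ -76,32 +70,15 @@`), `HandleAjaxStatusRefresh` on `/ay` still performs state changes from a plain GET (`o=` and `k=` from the buttons, `?d=`/`?t=` from `lb`/`lc`) and is now guarded only by `WebAuthenticate()`; since `requestAuthentication()` presumably uses the ESP8266WebServer default of Basic auth, browsers will attach cached credentials to any request for the device, so the one-shot `Tasmota-Token` header check this commit deletes was the only protection against a page on another origin triggering those actions, and a per-page token (or POST for state-changing actions) should be kept alongside the password check. In `HandleHttpCommand` (`@ -1684,6 +1659,7 @@`) the check is left as a commented-out line, so `/cm` remains reachable without the password; if that endpoint is meant to validate its own `user`/`password` request arguments (not visible in this hunk), replace the dead line with a comment stating that, e.g. `// /cm validates the user/password request arguments itself; not gated on WebAuthenticate()`, otherwise enable it. `ShowPage` still inlines the same password test that `WebAuthenticate()` now wraps; `if (auth && !WebAuthenticate()) {` preserves behaviour and removes the duplication (ShowPage's body continues outside the hunk). A one-line comment on the new `WebAuthenticate()` would also help, e.g. `// True when no web password is set, or the request carries valid credentials for WEB_USERNAME`.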


@ -375,10 +375,8 @@ const char S_CONFIGURE_DOMOTICZ[] PROGMEM = D_CONFIGURE_DOMOTICZ;
void HandleDomoticzConfiguration() void HandleDomoticzConfiguration()
{ {
if (HTTP_USER == webserver_state) { if (HttpUser()) { return; }
HandleRoot(); if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
return;
}
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_DOMOTICZ); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_DOMOTICZ);
char stemp[32]; char stemp[32];


@ -676,10 +676,8 @@ const char S_CONFIGURE_TIMER[] PROGMEM = D_CONFIGURE_TIMER;
void HandleTimerConfiguration() void HandleTimerConfiguration()
{ {
if (HTTP_USER == webserver_state) { if (HttpUser()) { return; }
HandleRoot(); if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
return;
}
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_TIMER); AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_TIMER);
String page = FPSTR(HTTP_HEAD); String page = FPSTR(HTTP_HEAD);


@ -803,15 +803,13 @@ const char HTTP_FORM_KNX_ADD_TABLE_ROW2[] PROGMEM =
void HandleKNXConfiguration() void HandleKNXConfiguration()
{ {
if (HttpUser()) { return; }
if (!WebAuthenticate()) { return WebServer->requestAuthentication(); }
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_KNX);
char tmp[100]; char tmp[100];
String stmp; String stmp;
if (HTTP_USER == webserver_state) {
HandleRoot();
return;
}
AddLog_P(LOG_LEVEL_DEBUG, S_LOG_HTTP, S_CONFIGURE_KNX);
if ( WebServer->hasArg("save") ) { if ( WebServer->hasArg("save") ) {
KNX_Save_Settings(); KNX_Save_Settings();
HandleConfiguration(); HandleConfiguration();