mirrors
/
Tasmota
mirror of https://github.com/arendst/Tasmota.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor web authentication 

Refactor web authentication
This commit is contained in:
Theo Arends 2021-01-08 14:10:34 +01:00
parent 07804ca01b
commit 4390fe03fe
1 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
tasmota/xdrv_01_webserver.ino
View File

@ -684,7 +684,7 @@ void WSContentSend_PD(const char* formatP, ...) // Content send snprintf_P ch
void WSContentStart_P(const char* title, bool auth)
{
if (auth && strlen(SettingsText(SET_WEBPWD)) && !Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) {
if (auth && !WebAuthenticate()) {
return Webserver->requestAuthentication();
}
@ -2606,22 +2606,19 @@ void HandleHttpCommand(void)
AddLog_P(LOG_LEVEL_DEBUG, PSTR(D_LOG_HTTP D_COMMAND));
if (strlen(SettingsText(SET_WEBPWD))) {
//Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
if (!Webserver->authenticate(WEB_USERNAME, SettingsText(SET_WEBPWD))) {
char tmp1[33];
WebGetArg("user", tmp1, sizeof(tmp1));
char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1];
WebGetArg("password", tmp2, sizeof(tmp2));
if (!WebAuthenticate()) {
// Prefer authorization via HTTP header (Basic auth), if it fails, use legacy method via GET parameters
char tmp1[33];
WebGetArg("user", tmp1, sizeof(tmp1));
char tmp2[strlen(SettingsText(SET_WEBPWD)) + 1];
WebGetArg("password", tmp2, sizeof(tmp2));
if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD))))
{
WSContentBegin(401, CT_JSON);
WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
WSContentEnd();
return;
}
}
if (!(!strcmp(tmp1, WEB_USERNAME) && !strcmp(tmp2, SettingsText(SET_WEBPWD)))) {
WSContentBegin(401, CT_JSON);
WSContentSend_P(PSTR("{\"" D_RSLT_WARNING "\":\"" D_NEED_USER_AND_PASSWORD "\"}"));
WSContentEnd();
return;
}
}
WSContentBegin(200, CT_JSON);