mh
/
mhsw-espurna
1
0
Fork 0
Code Releases 0 Activity
Fork of the espurna firmware for `mhsw` switches
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3026 Commits
18 Branches
212 MiB
Tree: 49b6d351d9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '49b6d351d9'
${ noResults }
mhsw-espurna/code/espurna/web.ino

428 lines
12 KiB
Raw Normal View History

Complete update
8 years ago
[copyright-update] Update for 2019
5 years ago
Complete update
8 years ago
Option to build without web server support
7 years ago
system: move prototypes to a separate header
4 years ago
relay: replace eeprom 8bit with 32bit bitmask stored in settings - mask is defined as (relay# status << number) - transparently handle base-2 and base-10 numbers - if the relay mode requires us to save the mask, it will be saved as base-2
5 years ago
Headers cleanup (#2134) * Config: remove prototypes.h * fixup order * word * add missing * fix warning while still using .ino * bad at c/p;
4 years ago
Complete update
8 years ago
Further renaming
7 years ago
Pre-build the different available WebUI images
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
UI for LightFox
5 years ago
Fix conflicts: 1. Add thermostat to the espurna_modules in progmem.h 2. Add thermostat to webui, gulp, html, js. 3. in general.h MQTT_USE_JSON returned to 0 by default and 1 if thermostat enabled.
5 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Pre-build the different available WebUI images
6 years ago
Option to build without NTP support
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
HTTPS disabled by default
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Testing web interface over SSL
7 years ago
Option to build without web server support
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
Option to build without web server support
7 years ago
Restore settings & reset via HTTP
6 years ago
Complete update
8 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Option to build without web server support
7 years ago
Split web code into web, ws and api
7 years ago
Option to build without web server support
7 years ago
Restore settings & reset via HTTP
6 years ago
Authenticate /reset endpoint (#1858)
5 years ago
Restore settings & reset via HTTP
6 years ago
Enable CORS
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Enable CORS
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Enable CORS
6 years ago
Backup and restore settings from file
7 years ago
Split web code into web, ws and api
7 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Backup and restore settings from file
7 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Backup and restore settings from file
7 years ago
Fix bug using snprintf
7 years ago
Backup and restore settings from file
7 years ago
Added security headers for each HTTP response
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Fix crash on loading malformed settings, option to load partial configuration
6 years ago
Adding /api and /apis to API request callback
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Fix crash on loading malformed settings, option to load partial configuration
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Backup and restore settings from file
7 years ago
Restore settings & reset via HTTP
6 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Restore settings & reset via HTTP
6 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Restore settings & reset via HTTP
6 years ago
Web OTA: check authentication result before accepting payload (#1812)
5 years ago
Restore settings & reset via HTTP
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
6 years ago
Further renaming
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Split web code into web, ws and api
7 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Chunked response for SSL requests
7 years ago
WTF - ESP.getFreeHeap crashing the system for an specific light bulb...
7 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Update web.ino tabs to spaces for consistency
6 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
Testing web interface over SSL
7 years ago
Small changes in config variables
7 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Add Update error number to error message in web UI
7 years ago
Upgrade form and handle code
7 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Upgrade form and handle code
7 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Option to build without web server support
7 years ago
Revert WS to ticket-based authentication
6 years ago
Build option to disable password check (USE_PASSWORD). Password check is enabled by default. Use at your own risk (#373)
6 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Build option to disable password check (USE_PASSWORD). Password check is enabled by default. Use at your own risk (#373)
6 years ago
Split web code into web, ws and api
7 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Refactor get/set/del/hasSetting (#2048) * experimental: refactor get/set/del/hasSetting * sensors * lights * cleaup * r * tuya * fixup! sensors * fixup! tuya * header defaults types * fix lights * setup already checks for max * helper for flashstring * fix overload * oops * refactor includes * warnings * test with migrate * add ids in a separate file * cleanup rev: crash rev: domoticz rev: encoder rev: loopdelay rev: hass rev: i2c rev2: hass rev: mqtt rev: rfm69 rev: relay rev: rpn rev: settings setup rev: hb settings rev: telnet preprocessor fix rev: settings wrap rev: tspk bool style rev: wifi types rev: util hb rev: settings fixup! rev: settings * rev: cleanup wifi injections based on new getters * hasSetting now can return true for empty key * show hardcoded network in web * oops * fix ws referencing wrong index * ensure empty strings are written * c/p * use experimental schema style for payload, mark network as not deletable * allow to customize converter * shorter syntax, try using with wifi * use proper #if syntax to handle definitions that are missing * fixup ota sc checks getter, cast schEnabled to bool * add utils header to sensors
4 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
SSDP working
6 years ago
Refactor get/set/del/hasSetting (#2048) * experimental: refactor get/set/del/hasSetting * sensors * lights * cleaup * r * tuya * fixup! sensors * fixup! tuya * header defaults types * fix lights * setup already checks for max * helper for flashstring * fix overload * oops * refactor includes * warnings * test with migrate * add ids in a separate file * cleanup rev: crash rev: domoticz rev: encoder rev: loopdelay rev: hass rev: i2c rev2: hass rev: mqtt rev: rfm69 rev: relay rev: rpn rev: settings setup rev: hb settings rev: telnet preprocessor fix rev: settings wrap rev: tspk bool style rev: wifi types rev: util hb rev: settings fixup! rev: settings * rev: cleanup wifi injections based on new getters * hasSetting now can return true for empty key * show hardcoded network in web * oops * fix ws referencing wrong index * ensure empty strings are written * c/p * use experimental schema style for payload, mark network as not deletable * allow to customize converter * shorter syntax, try using with wifi * use proper #if syntax to handle definitions that are missing * fixup ota sc checks getter, cast schEnabled to bool * add utils header to sensors
4 years ago
SSDP working
6 years ago
Split web code into web, ws and api
7 years ago
Migrated to AsyncWebServer, AsyncWebSocket and AsyncMqttClient
8 years ago
Option to build without web server support
7 years ago
Fix bug using snprintf
7 years ago
Option to build without web server support
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
* Support for ITead's Sonoff Dual * Support for Electrodragon's ESP Relay Board * Support for multi-relay boards * Changed relay MQTT topics * Changed relay API entry points * Removed non-secure api entry points
8 years ago
Further renaming
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Adding /api and /apis to API request callback
6 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Refactoring build flag names
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Split web code into web, ws and api
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Added EEPROM management commands to terminal interface
7 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Test support for upcoming fauxmoESP 3.1.0
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Migrated to AsyncWebServer, AsyncWebSocket and AsyncMqttClient
8 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
Added password check to telnet
6 years ago
SSDP working
6 years ago
Complete update
8 years ago
Option to build without web server support
7 years ago
 
  1. /*

  2. 

  3. WEBSERVER MODULE
  4. 

  5. Copyright (C) 2016-2019 by Xose Pérez <xose dot perez at gmail dot com>
  6. 

  7. */
  8. 

  9. #if WEB_SUPPORT

  10. 

  11. #include "system.h"

  12. #include "utils.h"

  13. #include "web.h"

  14. 

  15. #if WEB_EMBEDDED

  16. 

  17. #if WEBUI_IMAGE == WEBUI_IMAGE_SMALL

  18.     #include "static/index.small.html.gz.h"

  19. #elif WEBUI_IMAGE == WEBUI_IMAGE_LIGHT

  20.     #include "static/index.light.html.gz.h"

  21. #elif WEBUI_IMAGE == WEBUI_IMAGE_SENSOR

  22.     #include "static/index.sensor.html.gz.h"

  23. #elif WEBUI_IMAGE == WEBUI_IMAGE_RFBRIDGE

  24.     #include "static/index.rfbridge.html.gz.h"

  25. #elif WEBUI_IMAGE == WEBUI_IMAGE_RFM69

  26.     #include "static/index.rfm69.html.gz.h"

  27. #elif WEBUI_IMAGE == WEBUI_IMAGE_LIGHTFOX

  28.     #include "static/index.lightfox.html.gz.h"

  29. #elif WEBUI_IMAGE == WEBUI_IMAGE_THERMOSTAT

  30.     #include "static/index.thermostat.html.gz.h"

  31. #elif WEBUI_IMAGE == WEBUI_IMAGE_FULL

  32.     #include "static/index.all.html.gz.h"

  33. #endif

  34. 

  35. #endif // WEB_EMBEDDED

  36. 

  37. #if WEB_SSL_ENABLED

  38. #include "static/server.cer.h"

  39. #include "static/server.key.h"

  40. #endif // WEB_SSL_ENABLED

  41. 

  42. // -----------------------------------------------------------------------------

  43. 

  44. AsyncWebServer * _server;
  45. char _last_modified[50];
  46. std::vector<uint8_t> * _webConfigBuffer;
  47. bool _webConfigSuccess = false;
  48. 

  49. std::vector<web_request_callback_f> _web_request_callbacks;
  50. std::vector<web_body_callback_f> _web_body_callbacks;
  51. 

  52. constexpr const size_t WEB_CONFIG_BUFFER_MAX = 4096;
  53. 

  54. // -----------------------------------------------------------------------------

  55. // HOOKS

  56. // -----------------------------------------------------------------------------

  57. 

  58. void _onReset(AsyncWebServerRequest *request) {
  59. 

  60.     webLog(request);
  61.     if (!webAuthenticate(request)) {
  62.         return request->requestAuthentication(getSetting("hostname").c_str());
  63.     }
  64. 

  65.     deferredReset(100, CUSTOM_RESET_HTTP);
  66.     request->send(200);
  67. }
  68. 

  69. void _onDiscover(AsyncWebServerRequest *request) {
  70. 

  71.     webLog(request);
  72. 

  73.     const String device = getBoardName();
  74.     const String hostname = getSetting("hostname");
  75. 

  76.     StaticJsonBuffer<JSON_OBJECT_SIZE(4)> jsonBuffer;
  77.     JsonObject &root = jsonBuffer.createObject();
  78.     root["app"] = APP_NAME;
  79.     root["version"] = APP_VERSION;
  80.     root["device"] = device.c_str();
  81.     root["hostname"] = hostname.c_str();
  82. 

  83.     AsyncResponseStream *response = request->beginResponseStream("application/json", root.measureLength() + 1);
  84.     root.printTo(*response);
  85. 

  86.     request->send(response);
  87. 

  88. }
  89. 

  90. void _onGetConfig(AsyncWebServerRequest *request) {
  91. 

  92.     webLog(request);
  93.     if (!webAuthenticate(request)) {
  94.         return request->requestAuthentication(getSetting("hostname").c_str());
  95.     }
  96. 

  97.     AsyncResponseStream *response = request->beginResponseStream("application/json");
  98. 

  99.     char buffer[100];
  100.     snprintf_P(buffer, sizeof(buffer), PSTR("attachment; filename=\"%s-backup.json\""), (char *) getSetting("hostname").c_str());
  101.     response->addHeader("Content-Disposition", buffer);
  102.     response->addHeader("X-XSS-Protection", "1; mode=block");
  103.     response->addHeader("X-Content-Type-Options", "nosniff");
  104.     response->addHeader("X-Frame-Options", "deny");
  105. 

  106.     response->printf("{\n\"app\": \"%s\"", APP_NAME);
  107.     response->printf(",\n\"version\": \"%s\"", APP_VERSION);
  108.     response->printf(",\n\"backup\": \"1\"");
  109.     #if NTP_SUPPORT

  110.         response->printf(",\n\"timestamp\": \"%s\"", ntpDateTime().c_str());
  111.     #endif

  112. 

  113.     // Write the keys line by line (not sorted)

  114.     unsigned long count = settingsKeyCount();
  115.     for (unsigned int i=0; i<count; i++) {
  116.         String key = settingsKeyName(i);
  117.         String value = getSetting(key);
  118.         response->printf(",\n\"%s\": \"%s\"", key.c_str(), value.c_str());
  119.     }
  120.     response->printf("\n}");
  121. 

  122.     request->send(response);
  123. 

  124. }
  125. 

  126. void _onPostConfig(AsyncWebServerRequest *request) {
  127.     webLog(request);
  128.     if (!webAuthenticate(request)) {
  129.         return request->requestAuthentication(getSetting("hostname").c_str());
  130.     }
  131.     request->send(_webConfigSuccess ? 200 : 400);
  132. }
  133. 

  134. void _onPostConfigFile(AsyncWebServerRequest *request, String filename, size_t index, uint8_t *data, size_t len, bool final) {
  135. 

  136.     if (!webAuthenticate(request)) {
  137.         return request->requestAuthentication(getSetting("hostname").c_str());
  138.     }
  139. 

  140.     // No buffer

  141.     if (final && (index == 0)) {
  142.         _webConfigSuccess = settingsRestoreJson((char*) data);
  143.         return;
  144.     }
  145. 

  146.     // Buffer start => reset

  147.     if (index == 0) if (_webConfigBuffer) delete _webConfigBuffer;
  148. 

  149.     // init buffer if it doesn't exist

  150.     if (!_webConfigBuffer) {
  151.         _webConfigBuffer = new std::vector<uint8_t>();
  152.         _webConfigSuccess = false;
  153.     }
  154. 

  155.     // Copy

  156.     if (len > 0) {
  157.         if ((_webConfigBuffer->size() + len) > std::min(WEB_CONFIG_BUFFER_MAX, getFreeHeap() - sizeof(std::vector<uint8_t>))) {
  158.             delete _webConfigBuffer;
  159.             _webConfigBuffer = nullptr;
  160.             request->send(500);
  161.             return;
  162.         }
  163.         _webConfigBuffer->reserve(_webConfigBuffer->size() + len);
  164.         _webConfigBuffer->insert(_webConfigBuffer->end(), data, data + len);
  165.     }
  166. 

  167.     // Ending

  168.     if (final) {
  169. 

  170.         _webConfigBuffer->push_back(0);
  171.         _webConfigSuccess = settingsRestoreJson((char*) _webConfigBuffer->data());
  172.         delete _webConfigBuffer;
  173. 

  174.     }
  175. 

  176. }
  177. 

  178. #if WEB_EMBEDDED

  179. void _onHome(AsyncWebServerRequest *request) {
  180. 

  181.     webLog(request);
  182.     if (!webAuthenticate(request)) {
  183.         return request->requestAuthentication(getSetting("hostname").c_str());
  184.     }
  185. 

  186.     if (request->header("If-Modified-Since").equals(_last_modified)) {
  187. 

  188.         request->send(304);
  189. 

  190.     } else {
  191. 

  192.         #if WEB_SSL_ENABLED

  193. 

  194.             // Chunked response, we calculate the chunks based on free heap (in multiples of 32)

  195.             // This is necessary when a TLS connection is open since it sucks too much memory

  196.             DEBUG_MSG_P(PSTR("[MAIN] Free heap: %d bytes\n"), getFreeHeap());
  197.             size_t max = (getFreeHeap() / 3) & 0xFFE0;
  198. 

  199.             AsyncWebServerResponse *response = request->beginChunkedResponse("text/html", [max](uint8_t *buffer, size_t maxLen, size_t index) -> size_t {
  200. 

  201.                 // Get the chunk based on the index and maxLen

  202.                 size_t len = webui_image_len - index;
  203.                 if (len > maxLen) len = maxLen;
  204.                 if (len > max) len = max;
  205.                 if (len > 0) memcpy_P(buffer, webui_image + index, len);
  206. 

  207.                 DEBUG_MSG_P(PSTR("[WEB] Sending %d%%%% (max chunk size: %4d)\r"), int(100 * index / webui_image_len), max);
  208.                 if (len == 0) DEBUG_MSG_P(PSTR("\n"));
  209. 

  210.                 // Return the actual length of the chunk (0 for end of file)

  211.                 return len;
  212. 

  213.             });
  214. 

  215.         #else

  216. 

  217.             AsyncWebServerResponse *response = request->beginResponse_P(200, "text/html", webui_image, webui_image_len);
  218. 

  219.         #endif

  220. 

  221.         response->addHeader("Content-Encoding", "gzip");
  222.         response->addHeader("Last-Modified", _last_modified);
  223.         response->addHeader("X-XSS-Protection", "1; mode=block");
  224.         response->addHeader("X-Content-Type-Options", "nosniff");
  225.         response->addHeader("X-Frame-Options", "deny");
  226.         request->send(response);
  227. 

  228.     }
  229. 

  230. }
  231. #endif

  232. 

  233. #if WEB_SSL_ENABLED

  234. 

  235. int _onCertificate(void * arg, const char *filename, uint8_t **buf) {
  236. 

  237. #if WEB_EMBEDDED

  238. 

  239.     if (strcmp(filename, "server.cer") == 0) {
  240.         uint8_t * nbuf = (uint8_t*) malloc(server_cer_len);
  241.         memcpy_P(nbuf, server_cer, server_cer_len);
  242.         *buf = nbuf;
  243.         DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  244.         return server_cer_len;
  245.     }
  246. 

  247.     if (strcmp(filename, "server.key") == 0) {
  248.         uint8_t * nbuf = (uint8_t*) malloc(server_key_len);
  249.         memcpy_P(nbuf, server_key, server_key_len);
  250.         *buf = nbuf;
  251.         DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  252.         return server_key_len;
  253.     }
  254. 

  255.     DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - ERROR\n"), filename);
  256.     *buf = 0;
  257.     return 0;
  258. 

  259. #else

  260. 

  261.     File file = SPIFFS.open(filename, "r");
  262.     if (file) {
  263.         size_t size = file.size();
  264.         uint8_t * nbuf = (uint8_t*) malloc(size);
  265.         if (nbuf) {
  266.             size = file.read(nbuf, size);
  267.             file.close();
  268.             *buf = nbuf;
  269.             DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  270.             return size;
  271.         }
  272.         file.close();
  273.     }
  274.     DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - ERROR\n"), filename);
  275.     *buf = 0;
  276.     return 0;
  277. 

  278. #endif // WEB_EMBEDDED == 1

  279. 

  280. }
  281. 

  282. #endif // WEB_SSL_ENABLED

  283. 

  284. bool _onAPModeRequest(AsyncWebServerRequest *request) {
  285. 

  286.     if ((WiFi.getMode() & WIFI_AP) > 0) {
  287.         const String domain = getSetting("hostname") + ".";
  288.         const String host = request->header("Host");
  289.         const String ip = WiFi.softAPIP().toString();
  290. 

  291.         // Only allow requests that use our hostname or ip

  292.         if (host.equals(ip)) return true;
  293.         if (host.startsWith(domain)) return true;
  294. 

  295.         // Immediatly close the connection, ref: https://github.com/xoseperez/espurna/issues/1660

  296.         // Not doing so will cause memory exhaustion, because the connection will linger

  297.         request->send(404);
  298.         request->client()->close();
  299. 

  300.         return false;
  301.     }
  302. 

  303.     return true;
  304. 

  305. }
  306. 

  307. void _onRequest(AsyncWebServerRequest *request){
  308. 

  309.     if (!_onAPModeRequest(request)) return;
  310. 

  311.     // Send request to subscribers

  312.     for (unsigned char i = 0; i < _web_request_callbacks.size(); i++) {
  313.         bool response = (_web_request_callbacks[i])(request);
  314.         if (response) return;
  315.     }
  316. 

  317.     // No subscriber handled the request, return a 404 with implicit "Connection: close"

  318.     request->send(404);
  319. 

  320.     // And immediatly close the connection, ref: https://github.com/xoseperez/espurna/issues/1660

  321.     // Not doing so will cause memory exhaustion, because the connection will linger

  322.     request->client()->close();
  323. 

  324. }
  325. 

  326. void _onBody(AsyncWebServerRequest *request, uint8_t *data, size_t len, size_t index, size_t total) {
  327. 

  328.     if (!_onAPModeRequest(request)) return;
  329. 

  330.     // Send request to subscribers

  331.     for (unsigned char i = 0; i < _web_body_callbacks.size(); i++) {
  332.         bool response = (_web_body_callbacks[i])(request, data, len, index, total);
  333.         if (response) return;
  334.     }
  335. 

  336.     // Same as _onAPModeRequest(...)

  337.     request->send(404);
  338.     request->client()->close();
  339. 

  340. }
  341. 

  342. 

  343. // -----------------------------------------------------------------------------

  344. 

  345. bool webAuthenticate(AsyncWebServerRequest *request) {
  346.     #if USE_PASSWORD

  347.         return request->authenticate(WEB_USERNAME, getAdminPass().c_str());
  348.     #else

  349.         return true;
  350.     #endif

  351. }
  352. 

  353. // -----------------------------------------------------------------------------

  354. 

  355. AsyncWebServer * webServer() {
  356.     return _server;
  357. }
  358. 

  359. void webBodyRegister(web_body_callback_f callback) {
  360.     _web_body_callbacks.push_back(callback);
  361. }
  362. 

  363. void webRequestRegister(web_request_callback_f callback) {
  364.     _web_request_callbacks.push_back(callback);
  365. }
  366. 

  367. uint16_t webPort() {
  368.     #if WEB_SSL_ENABLED

  369.         return 443;
  370.     #else

  371.         constexpr const uint16_t defaultValue(WEB_PORT);
  372.         return getSetting("webPort", defaultValue);
  373.     #endif

  374. }
  375. 

  376. void webLog(AsyncWebServerRequest *request) {
  377.     DEBUG_MSG_P(PSTR("[WEBSERVER] Request: %s %s\n"), request->methodToString(), request->url().c_str());
  378. }
  379. 

  380. void webSetup() {
  381. 

  382.     // Cache the Last-Modifier header value

  383.     snprintf_P(_last_modified, sizeof(_last_modified), PSTR("%s %s GMT"), __DATE__, __TIME__);
  384. 

  385.     // Create server

  386.     unsigned int port = webPort();
  387.     _server = new AsyncWebServer(port);
  388. 

  389.     // Rewrites

  390.     _server->rewrite("/", "/index.html");
  391. 

  392.     // Serve home (basic authentication protection)

  393.     #if WEB_EMBEDDED

  394.         _server->on("/index.html", HTTP_GET, _onHome);
  395.     #endif

  396. 

  397.     // Serve static files (not supported, yet)

  398.     #if SPIFFS_SUPPORT

  399.         _server->serveStatic("/", SPIFFS, "/")
  400.             .setLastModified(_last_modified)
  401.             .setFilter([](AsyncWebServerRequest *request) -> bool {
  402.                 webLog(request);
  403.                 return true;
  404.             });
  405.     #endif

  406. 

  407.     _server->on("/reset", HTTP_GET, _onReset);
  408.     _server->on("/config", HTTP_GET, _onGetConfig);
  409.     _server->on("/config", HTTP_POST | HTTP_PUT, _onPostConfig, _onPostConfigFile);
  410.     _server->on("/discover", HTTP_GET, _onDiscover);
  411. 

  412.     // Handle every other request, including 404

  413.     _server->onRequestBody(_onBody);
  414.     _server->onNotFound(_onRequest);
  415. 

  416.     // Run server

  417.     #if WEB_SSL_ENABLED

  418.         _server->onSslFileRequest(_onCertificate, NULL);
  419.         _server->beginSecure("server.cer", "server.key", NULL);
  420.     #else

  421.         _server->begin();
  422.     #endif

  423. 

  424.     DEBUG_MSG_P(PSTR("[WEBSERVER] Webserver running on port %u\n"), port);
  425. 

  426. }
  427. 

  428. #endif // WEB_SUPPORT