mh
/
mhsw-espurna
1
0
Fork 0
Code Releases 0 Activity
Fork of the espurna firmware for `mhsw` switches
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3036 Commits
18 Branches
212 MiB
Tree: edb23dbfc4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'edb23dbfc4'
${ noResults }
mhsw-espurna/code/espurna/web.cpp

430 lines
12 KiB
Raw Normal View History

Complete update
8 years ago
[copyright-update] Update for 2019
5 years ago
Complete update
8 years ago
Convert .ino -> .cpp (#2228) - general conversion from .ino modules into a separate .cpp files - clean-up internal headers, place libraries into .h. guard .cpp with _SUPPORT flags - fix some instances of shared variables instead of public methods - tweak build system to still build a single source file via os environment variable ESPURNA_BUILD_SINGLE_SOURCE
4 years ago
Option to build without web server support
7 years ago
system: move prototypes to a separate header
5 years ago
relay: replace eeprom 8bit with 32bit bitmask stored in settings - mask is defined as (relay# status << number) - transparently handle base-2 and base-10 numbers - if the relay mode requires us to save the mask, it will be saved as base-2
5 years ago
Convert .ino -> .cpp (#2228) - general conversion from .ino modules into a separate .cpp files - clean-up internal headers, place libraries into .h. guard .cpp with _SUPPORT flags - fix some instances of shared variables instead of public methods - tweak build system to still build a single source file via os environment variable ESPURNA_BUILD_SINGLE_SOURCE
4 years ago
Complete update
8 years ago
Further renaming
7 years ago
Pre-build the different available WebUI images
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Initial support for RFM69GW board
6 years ago
UI for LightFox
5 years ago
Fix conflicts: 1. Add thermostat to the espurna_modules in progmem.h 2. Add thermostat to webui, gulp, html, js. 3. in general.h MQTT_USE_JSON returned to 0 by default and 1 if thermostat enabled.
5 years ago
Initial support for RFM69GW board
6 years ago
Use full web UI image if device has more than one webui module (#981)
6 years ago
Pre-build the different available WebUI images
6 years ago
Option to build without NTP support
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
HTTPS disabled by default
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Testing web interface over SSL
7 years ago
Option to build without web server support
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
Option to build without web server support
7 years ago
Restore settings & reset via HTTP
7 years ago
Complete update
8 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Option to build without web server support
7 years ago
Split web code into web, ws and api
7 years ago
Option to build without web server support
7 years ago
Restore settings & reset via HTTP
7 years ago
Authenticate /reset endpoint (#1858)
5 years ago
Restore settings & reset via HTTP
7 years ago
Enable CORS
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Enable CORS
6 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Enable CORS
6 years ago
Backup and restore settings from file
7 years ago
Split web code into web, ws and api
7 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Backup and restore settings from file
7 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Backup and restore settings from file
7 years ago
Fix bug using snprintf
7 years ago
Backup and restore settings from file
7 years ago
Added security headers for each HTTP response
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Fix crash on loading malformed settings, option to load partial configuration
6 years ago
Adding /api and /apis to API request callback
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Fix crash on loading malformed settings, option to load partial configuration
6 years ago
Dump settings line by line to prevent memory issues (#896)
6 years ago
Backup and restore settings from file
7 years ago
Restore settings & reset via HTTP
7 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Restore settings & reset via HTTP
7 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Restore settings & reset via HTTP
7 years ago
Web OTA: check authentication result before accepting payload (#1812)
5 years ago
Restore settings & reset via HTTP
7 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
7 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
7 years ago
Fixed size json payload & other WS bugfixes (#1843) - update every dynamicjsonbuffer with fixed size constructor argument - change to ws callback registration to use a class builder (just cosmetic) - test multiple ws data callbacks for each module - remove some of the static strings in favour of ws data callback - improve sensor ws callback data size, remove duplicated strings - use static buffer in wsDebugSend - postpone wsSend until loop, implement wsPost to allow other modules to queue message callbacks. remove Ticker based ws callbacks for data - update WebUI files
5 years ago
Restore settings & reset via HTTP
7 years ago
Further renaming
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Split web code into web, ws and api
7 years ago
Fix telnet & web debug responsiveness (#896)
6 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Chunked response for SSL requests
7 years ago
WTF - ESP.getFreeHeap crashing the system for an specific light bulb...
7 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Pre-build the different available WebUI images
6 years ago
Chunked response for SSL requests
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Update web.ino tabs to spaces for consistency
6 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
Testing web interface over SSL
7 years ago
Small changes in config variables
7 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
HTTPS disabled by default
7 years ago
Testing web interface over SSL
7 years ago
Added code for SSL certificate reading from SPIFFS
7 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Add Update error number to error message in web UI
7 years ago
Upgrade form and handle code
7 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Upgrade form and handle code
7 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Close connection in notFound callback (#1768) * Close connection in notFound callback * Add early check of AP mode
5 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Option to build without web server support
7 years ago
Revert WS to ticket-based authentication
6 years ago
Build option to disable password check (USE_PASSWORD). Password check is enabled by default. Use at your own risk (#373)
6 years ago
OTA: verify data stream and properly handle errors (#2067) * webui: improve updater error message * ota: properly check updater state and finalize on errors * finish up ota handling refactor * fail web upgrade when cannot find magic byte * send updater status with no payload arg and always send payload with * mention magic byte and flash mode in webui * gzip magic * make async ota at least usable. timeouts, show errors, try harder to find data after headers * simplify setup and destruction * cleanup class instantiations for ota and url * handle default case of magicflashchipsize * shorter * blobs
4 years ago
Build option to disable password check (USE_PASSWORD). Password check is enabled by default. Use at your own risk (#373)
6 years ago
Split web code into web, ws and api
7 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Refactor get/set/del/hasSetting (#2048) * experimental: refactor get/set/del/hasSetting * sensors * lights * cleaup * r * tuya * fixup! sensors * fixup! tuya * header defaults types * fix lights * setup already checks for max * helper for flashstring * fix overload * oops * refactor includes * warnings * test with migrate * add ids in a separate file * cleanup rev: crash rev: domoticz rev: encoder rev: loopdelay rev: hass rev: i2c rev2: hass rev: mqtt rev: rfm69 rev: relay rev: rpn rev: settings setup rev: hb settings rev: telnet preprocessor fix rev: settings wrap rev: tspk bool style rev: wifi types rev: util hb rev: settings fixup! rev: settings * rev: cleanup wifi injections based on new getters * hasSetting now can return true for empty key * show hardcoded network in web * oops * fix ws referencing wrong index * ensure empty strings are written * c/p * use experimental schema style for payload, mark network as not deletable * allow to customize converter * shorter syntax, try using with wifi * use proper #if syntax to handle definitions that are missing * fixup ota sc checks getter, cast schEnabled to bool * add utils header to sensors
4 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
SSDP working
6 years ago
Refactor get/set/del/hasSetting (#2048) * experimental: refactor get/set/del/hasSetting * sensors * lights * cleaup * r * tuya * fixup! sensors * fixup! tuya * header defaults types * fix lights * setup already checks for max * helper for flashstring * fix overload * oops * refactor includes * warnings * test with migrate * add ids in a separate file * cleanup rev: crash rev: domoticz rev: encoder rev: loopdelay rev: hass rev: i2c rev2: hass rev: mqtt rev: rfm69 rev: relay rev: rpn rev: settings setup rev: hb settings rev: telnet preprocessor fix rev: settings wrap rev: tspk bool style rev: wifi types rev: util hb rev: settings fixup! rev: settings * rev: cleanup wifi injections based on new getters * hasSetting now can return true for empty key * show hardcoded network in web * oops * fix ws referencing wrong index * ensure empty strings are written * c/p * use experimental schema style for payload, mark network as not deletable * allow to customize converter * shorter syntax, try using with wifi * use proper #if syntax to handle definitions that are missing * fixup ota sc checks getter, cast schEnabled to bool * add utils header to sensors
4 years ago
SSDP working
6 years ago
Split web code into web, ws and api
7 years ago
Migrated to AsyncWebServer, AsyncWebSocket and AsyncMqttClient
8 years ago
Option to build without web server support
7 years ago
Fix bug using snprintf
7 years ago
Option to build without web server support
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
Option to change the port the embedded webserver is listening to, defaults to 80
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
* Support for ITead's Sonoff Dual * Support for Electrodragon's ESP Relay Board * Support for multi-relay boards * Changed relay MQTT topics * Changed relay API entry points * Removed non-secure api entry points
8 years ago
Further renaming
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Adding /api and /apis to API request callback
6 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Refactoring build flag names
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Using gulp to generate the embedded web contents, added Last-Modifier support to embedded home
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Split web code into web, ws and api
7 years ago
Experimental option to embed the web interface in the firmware image
7 years ago
Added EEPROM management commands to terminal interface
8 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Optional Web(UI) OTA (#2190) * web: optional OTA support * add prototype * hide under websupport
4 years ago
Test support for upcoming fauxmoESP 3.1.0
6 years ago
Reduce memory footprint of API calls (#1133)
6 years ago
Migrated to AsyncWebServer, AsyncWebSocket and AsyncMqttClient
8 years ago
Secure client / server cleanup (#2016) * web: revert changed from secure_client patch * ota/httpupdate: use SecureClient * ota/httpupdate: use scheduled function on mqtt event * config: finish up 590282e changes + add warnings * typo fix * use bind instead of c++14 magic, use debug text from secureclient * bump * actually use the locking
5 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
SSDP working
6 years ago
Testing web interface over SSL
7 years ago
Added password check to telnet
6 years ago
SSDP working
6 years ago
Complete update
8 years ago
Option to build without web server support
7 years ago
 
  1. /*

  2. 

  3. WEBSERVER MODULE
  4. 

  5. Copyright (C) 2016-2019 by Xose Pérez <xose dot perez at gmail dot com>
  6. 

  7. */
  8. 

  9. #include "web.h"

  10. 

  11. #if WEB_SUPPORT

  12. 

  13. #include "system.h"

  14. #include "utils.h"

  15. #include "ntp.h"

  16. 

  17. #if WEB_EMBEDDED

  18. 

  19. #if WEBUI_IMAGE == WEBUI_IMAGE_SMALL

  20.     #include "static/index.small.html.gz.h"

  21. #elif WEBUI_IMAGE == WEBUI_IMAGE_LIGHT

  22.     #include "static/index.light.html.gz.h"

  23. #elif WEBUI_IMAGE == WEBUI_IMAGE_SENSOR

  24.     #include "static/index.sensor.html.gz.h"

  25. #elif WEBUI_IMAGE == WEBUI_IMAGE_RFBRIDGE

  26.     #include "static/index.rfbridge.html.gz.h"

  27. #elif WEBUI_IMAGE == WEBUI_IMAGE_RFM69

  28.     #include "static/index.rfm69.html.gz.h"

  29. #elif WEBUI_IMAGE == WEBUI_IMAGE_LIGHTFOX

  30.     #include "static/index.lightfox.html.gz.h"

  31. #elif WEBUI_IMAGE == WEBUI_IMAGE_THERMOSTAT

  32.     #include "static/index.thermostat.html.gz.h"

  33. #elif WEBUI_IMAGE == WEBUI_IMAGE_FULL

  34.     #include "static/index.all.html.gz.h"

  35. #endif

  36. 

  37. #endif // WEB_EMBEDDED

  38. 

  39. #if WEB_SSL_ENABLED

  40. #include "static/server.cer.h"

  41. #include "static/server.key.h"

  42. #endif // WEB_SSL_ENABLED

  43. 

  44. // -----------------------------------------------------------------------------

  45. 

  46. AsyncWebServer * _server;
  47. char _last_modified[50];
  48. std::vector<uint8_t> * _webConfigBuffer;
  49. bool _webConfigSuccess = false;
  50. 

  51. std::vector<web_request_callback_f> _web_request_callbacks;
  52. std::vector<web_body_callback_f> _web_body_callbacks;
  53. 

  54. constexpr const size_t WEB_CONFIG_BUFFER_MAX = 4096;
  55. 

  56. // -----------------------------------------------------------------------------

  57. // HOOKS

  58. // -----------------------------------------------------------------------------

  59. 

  60. void _onReset(AsyncWebServerRequest *request) {
  61. 

  62.     webLog(request);
  63.     if (!webAuthenticate(request)) {
  64.         return request->requestAuthentication(getSetting("hostname").c_str());
  65.     }
  66. 

  67.     deferredReset(100, CUSTOM_RESET_HTTP);
  68.     request->send(200);
  69. }
  70. 

  71. void _onDiscover(AsyncWebServerRequest *request) {
  72. 

  73.     webLog(request);
  74. 

  75.     const String device = getBoardName();
  76.     const String hostname = getSetting("hostname");
  77. 

  78.     StaticJsonBuffer<JSON_OBJECT_SIZE(4)> jsonBuffer;
  79.     JsonObject &root = jsonBuffer.createObject();
  80.     root["app"] = APP_NAME;
  81.     root["version"] = APP_VERSION;
  82.     root["device"] = device.c_str();
  83.     root["hostname"] = hostname.c_str();
  84. 

  85.     AsyncResponseStream *response = request->beginResponseStream("application/json", root.measureLength() + 1);
  86.     root.printTo(*response);
  87. 

  88.     request->send(response);
  89. 

  90. }
  91. 

  92. void _onGetConfig(AsyncWebServerRequest *request) {
  93. 

  94.     webLog(request);
  95.     if (!webAuthenticate(request)) {
  96.         return request->requestAuthentication(getSetting("hostname").c_str());
  97.     }
  98. 

  99.     AsyncResponseStream *response = request->beginResponseStream("application/json");
  100. 

  101.     char buffer[100];
  102.     snprintf_P(buffer, sizeof(buffer), PSTR("attachment; filename=\"%s-backup.json\""), (char *) getSetting("hostname").c_str());
  103.     response->addHeader("Content-Disposition", buffer);
  104.     response->addHeader("X-XSS-Protection", "1; mode=block");
  105.     response->addHeader("X-Content-Type-Options", "nosniff");
  106.     response->addHeader("X-Frame-Options", "deny");
  107. 

  108.     response->printf("{\n\"app\": \"%s\"", APP_NAME);
  109.     response->printf(",\n\"version\": \"%s\"", APP_VERSION);
  110.     response->printf(",\n\"backup\": \"1\"");
  111.     #if NTP_SUPPORT

  112.         response->printf(",\n\"timestamp\": \"%s\"", ntpDateTime().c_str());
  113.     #endif

  114. 

  115.     // Write the keys line by line (not sorted)

  116.     unsigned long count = settingsKeyCount();
  117.     for (unsigned int i=0; i<count; i++) {
  118.         String key = settingsKeyName(i);
  119.         String value = getSetting(key);
  120.         response->printf(",\n\"%s\": \"%s\"", key.c_str(), value.c_str());
  121.     }
  122.     response->printf("\n}");
  123. 

  124.     request->send(response);
  125. 

  126. }
  127. 

  128. void _onPostConfig(AsyncWebServerRequest *request) {
  129.     webLog(request);
  130.     if (!webAuthenticate(request)) {
  131.         return request->requestAuthentication(getSetting("hostname").c_str());
  132.     }
  133.     request->send(_webConfigSuccess ? 200 : 400);
  134. }
  135. 

  136. void _onPostConfigFile(AsyncWebServerRequest *request, String filename, size_t index, uint8_t *data, size_t len, bool final) {
  137. 

  138.     if (!webAuthenticate(request)) {
  139.         return request->requestAuthentication(getSetting("hostname").c_str());
  140.     }
  141. 

  142.     // No buffer

  143.     if (final && (index == 0)) {
  144.         _webConfigSuccess = settingsRestoreJson((char*) data);
  145.         return;
  146.     }
  147. 

  148.     // Buffer start => reset

  149.     if (index == 0) if (_webConfigBuffer) delete _webConfigBuffer;
  150. 

  151.     // init buffer if it doesn't exist

  152.     if (!_webConfigBuffer) {
  153.         _webConfigBuffer = new std::vector<uint8_t>();
  154.         _webConfigSuccess = false;
  155.     }
  156. 

  157.     // Copy

  158.     if (len > 0) {
  159.         if ((_webConfigBuffer->size() + len) > std::min(WEB_CONFIG_BUFFER_MAX, getFreeHeap() - sizeof(std::vector<uint8_t>))) {
  160.             delete _webConfigBuffer;
  161.             _webConfigBuffer = nullptr;
  162.             request->send(500);
  163.             return;
  164.         }
  165.         _webConfigBuffer->reserve(_webConfigBuffer->size() + len);
  166.         _webConfigBuffer->insert(_webConfigBuffer->end(), data, data + len);
  167.     }
  168. 

  169.     // Ending

  170.     if (final) {
  171. 

  172.         _webConfigBuffer->push_back(0);
  173.         _webConfigSuccess = settingsRestoreJson((char*) _webConfigBuffer->data());
  174.         delete _webConfigBuffer;
  175. 

  176.     }
  177. 

  178. }
  179. 

  180. #if WEB_EMBEDDED

  181. void _onHome(AsyncWebServerRequest *request) {
  182. 

  183.     webLog(request);
  184.     if (!webAuthenticate(request)) {
  185.         return request->requestAuthentication(getSetting("hostname").c_str());
  186.     }
  187. 

  188.     if (request->header("If-Modified-Since").equals(_last_modified)) {
  189. 

  190.         request->send(304);
  191. 

  192.     } else {
  193. 

  194.         #if WEB_SSL_ENABLED

  195. 

  196.             // Chunked response, we calculate the chunks based on free heap (in multiples of 32)

  197.             // This is necessary when a TLS connection is open since it sucks too much memory

  198.             DEBUG_MSG_P(PSTR("[MAIN] Free heap: %d bytes\n"), getFreeHeap());
  199.             size_t max = (getFreeHeap() / 3) & 0xFFE0;
  200. 

  201.             AsyncWebServerResponse *response = request->beginChunkedResponse("text/html", [max](uint8_t *buffer, size_t maxLen, size_t index) -> size_t {
  202. 

  203.                 // Get the chunk based on the index and maxLen

  204.                 size_t len = webui_image_len - index;
  205.                 if (len > maxLen) len = maxLen;
  206.                 if (len > max) len = max;
  207.                 if (len > 0) memcpy_P(buffer, webui_image + index, len);
  208. 

  209.                 DEBUG_MSG_P(PSTR("[WEB] Sending %d%%%% (max chunk size: %4d)\r"), int(100 * index / webui_image_len), max);
  210.                 if (len == 0) DEBUG_MSG_P(PSTR("\n"));
  211. 

  212.                 // Return the actual length of the chunk (0 for end of file)

  213.                 return len;
  214. 

  215.             });
  216. 

  217.         #else

  218. 

  219.             AsyncWebServerResponse *response = request->beginResponse_P(200, "text/html", webui_image, webui_image_len);
  220. 

  221.         #endif

  222. 

  223.         response->addHeader("Content-Encoding", "gzip");
  224.         response->addHeader("Last-Modified", _last_modified);
  225.         response->addHeader("X-XSS-Protection", "1; mode=block");
  226.         response->addHeader("X-Content-Type-Options", "nosniff");
  227.         response->addHeader("X-Frame-Options", "deny");
  228.         request->send(response);
  229. 

  230.     }
  231. 

  232. }
  233. #endif

  234. 

  235. #if WEB_SSL_ENABLED

  236. 

  237. int _onCertificate(void * arg, const char *filename, uint8_t **buf) {
  238. 

  239. #if WEB_EMBEDDED

  240. 

  241.     if (strcmp(filename, "server.cer") == 0) {
  242.         uint8_t * nbuf = (uint8_t*) malloc(server_cer_len);
  243.         memcpy_P(nbuf, server_cer, server_cer_len);
  244.         *buf = nbuf;
  245.         DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  246.         return server_cer_len;
  247.     }
  248. 

  249.     if (strcmp(filename, "server.key") == 0) {
  250.         uint8_t * nbuf = (uint8_t*) malloc(server_key_len);
  251.         memcpy_P(nbuf, server_key, server_key_len);
  252.         *buf = nbuf;
  253.         DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  254.         return server_key_len;
  255.     }
  256. 

  257.     DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - ERROR\n"), filename);
  258.     *buf = 0;
  259.     return 0;
  260. 

  261. #else

  262. 

  263.     File file = SPIFFS.open(filename, "r");
  264.     if (file) {
  265.         size_t size = file.size();
  266.         uint8_t * nbuf = (uint8_t*) malloc(size);
  267.         if (nbuf) {
  268.             size = file.read(nbuf, size);
  269.             file.close();
  270.             *buf = nbuf;
  271.             DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - OK\n"), filename);
  272.             return size;
  273.         }
  274.         file.close();
  275.     }
  276.     DEBUG_MSG_P(PSTR("[WEB] SSL File: %s - ERROR\n"), filename);
  277.     *buf = 0;
  278.     return 0;
  279. 

  280. #endif // WEB_EMBEDDED == 1

  281. 

  282. }
  283. 

  284. #endif // WEB_SSL_ENABLED

  285. 

  286. bool _onAPModeRequest(AsyncWebServerRequest *request) {
  287. 

  288.     if ((WiFi.getMode() & WIFI_AP) > 0) {
  289.         const String domain = getSetting("hostname") + ".";
  290.         const String host = request->header("Host");
  291.         const String ip = WiFi.softAPIP().toString();
  292. 

  293.         // Only allow requests that use our hostname or ip

  294.         if (host.equals(ip)) return true;
  295.         if (host.startsWith(domain)) return true;
  296. 

  297.         // Immediatly close the connection, ref: https://github.com/xoseperez/espurna/issues/1660

  298.         // Not doing so will cause memory exhaustion, because the connection will linger

  299.         request->send(404);
  300.         request->client()->close();
  301. 

  302.         return false;
  303.     }
  304. 

  305.     return true;
  306. 

  307. }
  308. 

  309. void _onRequest(AsyncWebServerRequest *request){
  310. 

  311.     if (!_onAPModeRequest(request)) return;
  312. 

  313.     // Send request to subscribers

  314.     for (unsigned char i = 0; i < _web_request_callbacks.size(); i++) {
  315.         bool response = (_web_request_callbacks[i])(request);
  316.         if (response) return;
  317.     }
  318. 

  319.     // No subscriber handled the request, return a 404 with implicit "Connection: close"

  320.     request->send(404);
  321. 

  322.     // And immediatly close the connection, ref: https://github.com/xoseperez/espurna/issues/1660

  323.     // Not doing so will cause memory exhaustion, because the connection will linger

  324.     request->client()->close();
  325. 

  326. }
  327. 

  328. void _onBody(AsyncWebServerRequest *request, uint8_t *data, size_t len, size_t index, size_t total) {
  329. 

  330.     if (!_onAPModeRequest(request)) return;
  331. 

  332.     // Send request to subscribers

  333.     for (unsigned char i = 0; i < _web_body_callbacks.size(); i++) {
  334.         bool response = (_web_body_callbacks[i])(request, data, len, index, total);
  335.         if (response) return;
  336.     }
  337. 

  338.     // Same as _onAPModeRequest(...)

  339.     request->send(404);
  340.     request->client()->close();
  341. 

  342. }
  343. 

  344. 

  345. // -----------------------------------------------------------------------------

  346. 

  347. bool webAuthenticate(AsyncWebServerRequest *request) {
  348.     #if USE_PASSWORD

  349.         return request->authenticate(WEB_USERNAME, getAdminPass().c_str());
  350.     #else

  351.         return true;
  352.     #endif

  353. }
  354. 

  355. // -----------------------------------------------------------------------------

  356. 

  357. AsyncWebServer * webServer() {
  358.     return _server;
  359. }
  360. 

  361. void webBodyRegister(web_body_callback_f callback) {
  362.     _web_body_callbacks.push_back(callback);
  363. }
  364. 

  365. void webRequestRegister(web_request_callback_f callback) {
  366.     _web_request_callbacks.push_back(callback);
  367. }
  368. 

  369. uint16_t webPort() {
  370.     #if WEB_SSL_ENABLED

  371.         return 443;
  372.     #else

  373.         constexpr const uint16_t defaultValue(WEB_PORT);
  374.         return getSetting("webPort", defaultValue);
  375.     #endif

  376. }
  377. 

  378. void webLog(AsyncWebServerRequest *request) {
  379.     DEBUG_MSG_P(PSTR("[WEBSERVER] Request: %s %s\n"), request->methodToString(), request->url().c_str());
  380. }
  381. 

  382. void webSetup() {
  383. 

  384.     // Cache the Last-Modifier header value

  385.     snprintf_P(_last_modified, sizeof(_last_modified), PSTR("%s %s GMT"), __DATE__, __TIME__);
  386. 

  387.     // Create server

  388.     unsigned int port = webPort();
  389.     _server = new AsyncWebServer(port);
  390. 

  391.     // Rewrites

  392.     _server->rewrite("/", "/index.html");
  393. 

  394.     // Serve home (basic authentication protection)

  395.     #if WEB_EMBEDDED

  396.         _server->on("/index.html", HTTP_GET, _onHome);
  397.     #endif

  398. 

  399.     // Serve static files (not supported, yet)

  400.     #if SPIFFS_SUPPORT

  401.         _server->serveStatic("/", SPIFFS, "/")
  402.             .setLastModified(_last_modified)
  403.             .setFilter([](AsyncWebServerRequest *request) -> bool {
  404.                 webLog(request);
  405.                 return true;
  406.             });
  407.     #endif

  408. 

  409.     _server->on("/reset", HTTP_GET, _onReset);
  410.     _server->on("/config", HTTP_GET, _onGetConfig);
  411.     _server->on("/config", HTTP_POST | HTTP_PUT, _onPostConfig, _onPostConfigFile);
  412.     _server->on("/discover", HTTP_GET, _onDiscover);
  413. 

  414.     // Handle every other request, including 404

  415.     _server->onRequestBody(_onBody);
  416.     _server->onNotFound(_onRequest);
  417. 

  418.     // Run server

  419.     #if WEB_SSL_ENABLED

  420.         _server->onSslFileRequest(_onCertificate, NULL);
  421.         _server->beginSecure("server.cer", "server.key", NULL);
  422.     #else

  423.         _server->begin();
  424.     #endif

  425. 

  426.     DEBUG_MSG_P(PSTR("[WEBSERVER] Webserver running on port %u\n"), port);
  427. 

  428. }
  429. 

  430. #endif // WEB_SUPPORT