From ec811f72df17203b5593fb57d26ab5bb0d5c084a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Xose=20P=C3=A9rez?=
Date: Fri, 17 Feb 2017 23:43:18 +0100
Subject: [PATCH] Authentication chanllenge only in /auth request
---
 code/espurna/web.ino | 21 +++++++--------------
 code/html/custom.css | 11 +++++++++++
 code/html/custom.js | 8 +++++++-
 code/html/index.html | 4 ++++
 4 files changed, 29 insertions(+), 15 deletions(-)
diff --git a/code/espurna/web.ino b/code/espurna/web.ino
index 5e8c2fbc..5ab383f6 100644
--- a/code/espurna/web.ino
+++ b/code/espurna/web.ino
@@ -508,9 +508,7 @@ void _wsEvent(AsyncWebSocket * server, AsyncWebSocketClient * client, AwsEventTy
 // First packet
 if (info->index == 0) {
- //Serial.printf("Before malloc: %d\n", ESP.getFreeHeap());
 message = (uint8_t*) malloc(info->len);
- //Serial.printf("After malloc: %d\n", ESP.getFreeHeap());
 }
 // Store data
@@ -519,9 +517,7 @@ void _wsEvent(AsyncWebSocket * server, AsyncWebSocketClient * client, AwsEventTy
 // Last packet
 if (info->index + len == info->len) {
 _wsParse(client->id(), message, info->len);
- //Serial.printf("Before free: %d\n", ESP.getFreeHeap());
 free(message);
- //Serial.printf("After free: %d\n", ESP.getFreeHeap());
 }
 }
@@ -683,16 +679,9 @@ void _onRPC(AsyncWebServerRequest *request) {
 }
-void _onHome(AsyncWebServerRequest *request) {
- webLogRequest(request);
- if (!_authenticate(request)) return request->requestAuthentication();
- request->send(SPIFFS, "/index.html");
-}
-
 void _onAuth(AsyncWebServerRequest *request) {
 webLogRequest(request);
-
 if (!_authenticate(request)) return request->requestAuthentication();
 IPAddress ip = request->client()->remoteIP();
@@ -726,8 +715,6 @@ void webSetup() {
 _server->addHandler(&ws);
 // Serve home (basic authentication protection)
- _server->on("/", HTTP_GET, _onHome);
- _server->on("/index.html", HTTP_GET, _onHome);
 _server->on("/auth", HTTP_GET, _onAuth);
 _server->on("/apis", HTTP_GET, _onAPIs);
 _server->on("/rpc", HTTP_GET, _onRPC);
@@ -735,7 +722,13 @@ void webSetup() {
 // Serve static files
 char lastModified[50];
 sprintf(lastModified, "%s %s GMT", __DATE__, __TIME__);
- _server->serveStatic("/", SPIFFS, "/").setLastModified(lastModified);
+ _server->rewrite("/", "/index.html");
+ _server->serveStatic("/", SPIFFS, "/")
+ .setLastModified(lastModified)
+ .setFilter([](AsyncWebServerRequest *request) -> bool {
+ webLogRequest(request);
+ return true;
+ });
 // 404
 _server->onNotFound([](AsyncWebServerRequest *request){
diff --git a/code/html/custom.css b/code/html/custom.css
index 9f633c0e..e9196fa7 100644
--- a/code/html/custom.css
+++ b/code/html/custom.css
@@ -90,3 +90,14 @@ div.hint {
 .webmode {
 display: none;
 }
+#credentials {
+ font-size: 200%;
+ text-align: center;
+ height: 100px;
+ width: 400px;
+ position: fixed;
+ top: 50%;
+ left: 50%;
+ margin-top: -50px;
+ margin-left: -200px;
+}
diff --git a/code/html/custom.js b/code/html/custom.js
index 1c87f734..47490894 100644
--- a/code/html/custom.js
+++ b/code/html/custom.js
@@ -216,6 +216,7 @@ function processData(data) {
 password = data.webMode == 1;
 $("#layout").toggle(data.webMode == 0);
 $("#password").toggle(data.webMode == 1);
+ $("#credentials").hide();
 }
 // Actions
@@ -393,11 +394,16 @@ function init() {
 $("div.more", addNetwork()).toggle();
 });
+ var host = window.location.hostname;
+ var port = location.port;
+
 $.ajax({
 'method': 'GET',
- 'url': '/auth'
+ 'url': 'http://' + host + ':' + port + '/auth'
 }).done(function(data) {
 connect();
+ }).fail(function(){
+ $("#credentials").show();
 });
 }
diff --git a/code/html/index.html b/code/html/index.html
index 6cca2b25..53c81789 100644
--- a/code/html/index.html
+++ b/code/html/index.html
@@ -19,6 +19,10 @@ +
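Review bot: With the `_onHome` handler gone, the `serveStatic("/", SPIFFS, "/")` chain is the only thing in front of the SPIFFS root, and its filter always returns true, so every file stored there is now served with no credential check. That looks intended for the UI assets, but it means nothing sensitive may be written under that root, and the WebSocket, `/apis` and `/rpc` handlers (their checks are not visible in this patch) have to enforce access themselves rather than rely on the page having been gated. I would record that above the chain, e.g. `// Static files are served WITHOUT authentication; keep secrets out of SPIFFS "/" and check credentials in every data handler`, and update the surviving `// Serve home (basic authentication protection)` comment in the previous hunk, which no longer describes the routes beneath it. Using `setFilter` purely for the `webLogRequest` side effect also deserves a one-line comment, since a filter is normally read as a predicate.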
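Review bot: The new `'url'` value in the second custom.js hunk hard-codes the `http://` scheme and always appends `':' + port`, so the credentialed `/auth` request ignores the scheme the page was loaded with and becomes `http://host:/auth` whenever `location.port` is empty. Building it from the page origin keeps scheme and port consistent: `'url': window.location.protocol + '//' + window.location.host + '/auth'`. The `.fail` callback also shows the "Wrong credentials" banner for every failure, including timeouts and network errors; checking the status first, `.fail(function(xhr){ if (xhr.status === 401) $("#credentials").show(); })`, would keep the message accurate. The enclosing `init()` starts above this hunk.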
+ Wrong credentials +
+