feedc0de/bobbycar-boardcomputer-firmware
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added security to json backend

Browse Source
This commit is contained in:
CommanderRedYT
2021-12-09 14:56:06 +01:00
parent 64ac74ea5d
commit 7761f415a5
6 changed files with 104 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
main/webserver_displaycontrol.cpp
View File

@@ -30,7 +30,7 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
char tmpBuf[256];
const auto key_result = httpd_query_key_value(wants_json_query.data(), "json", tmpBuf, 256);
if (key_result == ESP_OK)
if (key_result == ESP_OK && (tmpBuf == stringSettings.webserver_password || stringSettings.webserver_password.empty()))
{
body += "{";
if (auto currentDisplay = static_cast<const espgui::Display *>(espgui::currentDisplay.get()))
@@ -46,7 +46,7 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
body += fmt::format("\"index\":{},\"items\":[", menuDisplay->selectedIndex());
menuDisplay->runForEveryMenuItem([&,selectedIndex=menuDisplay->selectedIndex()](const espgui::MenuItem &menuItem){
body += "{";
body += fmt::format("\"name\":\"{}\",\"icon\":\"{}\"", menuItem.text(), "none"); // menuItem.icon()->name
body += fmt::format("\"name\":\"{}\",\"icon\":\"{}\"", menuItem.text(), menuItem.icon()->name);
body += "},";
});
body += "],";
@@ -66,6 +66,10 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
}
body += "}";
}
else if (tmpBuf != stringSettings.webserver_password)
{
CALL_AND_EXIT(esphttpdutils::webserver_resp_send, req, esphttpdutils::ResponseStatus::Unauthorized, "text/plain", "");
}
else
{
HtmlTag htmlTag{"html", body};