me-no-dev/ESPAsyncWebServer
1
0
Fork 1
mirror of https://github.com/me-no-dev/ESPAsyncWebServer.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

AuthenticationMiddleware bug fixes

Browse Source
This commit is contained in:
Mathieu Carbou
2024-10-03 01:05:19 +02:00
parent 6884bb74a6
commit 4843a55e59
2 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/ESPAsyncWebServer.h
View File

@@ -166,11 +166,12 @@ typedef enum { RCT_NOT_USED = -1,
// this enum is similar to Arduino WebServer's AsyncAuthType and PsychicHttp // this enum is similar to Arduino WebServer's AsyncAuthType and PsychicHttp
typedef enum { typedef enum {
AUTH_NONE = 0, AUTH_NONE = 0, // always allow
AUTH_BASIC, AUTH_BASIC = 1,
AUTH_DIGEST, AUTH_DIGEST = 2,
AUTH_BEARER, AUTH_BEARER = 3,
AUTH_OTHER, AUTH_OTHER = 4,
AUTH_DENIED = 255, // always returns 401
} AsyncAuthType; } AsyncAuthType;
typedef std::function<size_t(uint8_t*, size_t, size_t)> AwsResponseFiller; typedef std::function<size_t(uint8_t*, size_t, size_t)> AwsResponseFiller;
@@ -570,12 +571,25 @@ class AuthenticationMiddleware : public AsyncMiddleware {
void setRealm(const char* realm) { _realm = realm; } void setRealm(const char* realm) { _realm = realm; }
void setAuthFailureMessage(const char* message) { _authFailMsg = message; } void setAuthFailureMessage(const char* message) { _authFailMsg = message; }
// set the authentication method to use
// default is AUTH_NONE: no authentication required
// AUTH_BASIC: basic authentication
// AUTH_DIGEST: digest authentication
// AUTH_BEARER: bearer token authentication
// AUTH_OTHER: other authentication method
// AUTH_DENIED: always return 401 Unauthorized
// if a method is set but no username or password is set, authentication will be ignored
void setAuthType(AsyncAuthType authMethod) { _authMethod = authMethod; } void setAuthType(AsyncAuthType authMethod) { _authMethod = authMethod; }
// precompute and store the hash value based on the username, realm, and authMethod // precompute and store the hash value based on the username, password, realm.
// can be used for DIGEST and BASIC to avoid recomputing the hash for each request.
// returns true if the hash was successfully generated and replaced // returns true if the hash was successfully generated and replaced
bool generateHash(); bool generateHash();
// returns true if the username and password (or hash) are set
bool hasCredentials() { return _hasCreds; }
bool allowed(AsyncWebServerRequest* request); bool allowed(AsyncWebServerRequest* request);
void run(AsyncWebServerRequest* request, ArMiddlewareNext next); void run(AsyncWebServerRequest* request, ArMiddlewareNext next);

7
src/Middleware.cpp
View File

@@ -66,7 +66,7 @@ void AuthenticationMiddleware::setPassword(const char* password) {
void AuthenticationMiddleware::setPasswordHash(const char* hash) { void AuthenticationMiddleware::setPasswordHash(const char* hash) {
_credentials = hash; _credentials = hash;
_hash = true; _hash = _credentials.length();
_hasCreds = _username.length() && _credentials.length(); _hasCreds = _username.length() && _credentials.length();
} }
@@ -99,8 +99,11 @@ bool AuthenticationMiddleware::allowed(AsyncWebServerRequest* request) {
if (_authMethod == AsyncAuthType::AUTH_NONE) if (_authMethod == AsyncAuthType::AUTH_NONE)
return true; return true;
if (_authMethod == AsyncAuthType::AUTH_DENIED)
return true;
if (!_hasCreds) if (!_hasCreds)
return false; return true;
return request->authenticate(_username.c_str(), _credentials.c_str(), _realm.c_str(), _hash); return request->authenticate(_username.c_str(), _credentials.c_str(), _realm.c_str(), _hash);
} }