AuthenticationMiddleware bug fixes

Mathieu Carbou
2024-10-03 01:05:19 +02:00
parent 6884bb74a6
commit 4843a55e59
2 changed files with 25 additions and 8 deletions


@@ -166,11 +166,12 @@ typedef enum { RCT_NOT_USED = -1,
// this enum is similar to Arduino WebServer's AsyncAuthType and PsychicHttp
typedef enum {
AUTH_NONE = 0,
AUTH_BASIC,
AUTH_DIGEST,
AUTH_BEARER,
AUTH_OTHER,
AUTH_NONE = 0, // always allow
AUTH_BASIC = 1,
AUTH_DIGEST = 2,
AUTH_BEARER = 3,
AUTH_OTHER = 4,
AUTH_DENIED = 255, // always returns 401
} AsyncAuthType;
typedef std::function<size_t(uint8_t*, size_t, size_t)> AwsResponseFiller;
@@ -570,12 +571,25 @@ class AuthenticationMiddleware : public AsyncMiddleware {
void setRealm(const char* realm) { _realm = realm; }
void setAuthFailureMessage(const char* message) { _authFailMsg = message; }
// set the authentication method to use
// default is AUTH_NONE: no authentication required
// AUTH_BASIC: basic authentication
// AUTH_DIGEST: digest authentication
// AUTH_BEARER: bearer token authentication
// AUTH_OTHER: other authentication method
// AUTH_DENIED: always return 401 Unauthorized
// if a method is set but no username or password is set, authentication will be ignored
void setAuthType(AsyncAuthType authMethod) { _authMethod = authMethod; }
// precompute and store the hash value based on the username, realm, and authMethod
// precompute and store the hash value based on the username, password, realm.
// can be used for DIGEST and BASIC to avoid recomputing the hash for each request.
// returns true if the hash was successfully generated and replaced
bool generateHash();
// returns true if the username and password (or hash) are set
bool hasCredentials() { return _hasCreds; }
bool allowed(AsyncWebServerRequest* request);
void run(AsyncWebServerRequest* request, ArMiddlewareNext next);
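Review bot: The comment added above `setAuthType` says authentication "will be ignored" when a method is set without a username or password, which describes a fail-open default without naming the consequence. A handler configured with AUTH_BASIC or AUTH_DIGEST is then served to any client if the credentials were never set or are empty strings. This matches the `if (!_hasCreds)` branch of `allowed()` in the other file, assuming `return true;` is the new side there. The comment should state the consequence and point at the check, e.g. `// WARNING: with a method set but an empty username or password, every request is allowed; verify hasCredentials() after configuration`. Since `hasCredentials()` only reads a member, it could also be declared `bool hasCredentials() const`.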


@@ -66,7 +66,7 @@ void AuthenticationMiddleware::setPassword(const char* password) {
void AuthenticationMiddleware::setPasswordHash(const char* hash) {
_credentials = hash;
_hash = true;
_hash = _credentials.length();
_hasCreds = _username.length() && _credentials.length();
}
@@ -99,8 +99,11 @@ bool AuthenticationMiddleware::allowed(AsyncWebServerRequest* request) {
if (_authMethod == AsyncAuthType::AUTH_NONE)
return true;
if (_authMethod == AsyncAuthType::AUTH_DENIED)
return true;
if (!_hasCreds)
return false;
return true;
return request->authenticate(_username.c_str(), _credentials.c_str(), _realm.c_str(), _hash);
}
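Review bot: The new `AUTH_DENIED` branch in `allowed()` is followed by `return true;`, so a middleware set to AUTH_DENIED appears to let every request through, while the enum comment in the header says that value "always returns 401". The rendered page has lost its `+`/`-` markers, but this line is printed only once and the branch is new in this commit, so it looks like the committed code. It should read `if (_authMethod == AsyncAuthType::AUTH_DENIED) return false;`. `run()` is outside this hunk, so whether it handles AUTH_DENIED separately cannot be seen here. A test asserting that a request is rejected under AUTH_DENIED, with and without credentials set, would pin the behaviour.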