AdminAuth: switched to references of already existing strings instead of char pointers created from strings, Capitive Portal through fake dns

2022-03-11 10:34:09 +01:00
parent bb3e4fa27c
commit bbdef13516
9 changed files with 107 additions and 65 deletions
+68 -41
@@ -10,50 +10,77 @@ bool AdminAuth::logout(const char *token)
tokenbuffer->setnull(tid);
return tid != -1;
}
char *AdminAuth::login(const char *username, const char *password)
char *AdminAuth::login(const String& username, const String& password)
{
char *res = nullptr;
File adminfile = LittleFS.open("admin", "r");
bool current_field = false;
uint16_t current_pos = 0;
Serial.print('-');
while (adminfile.available())
{
char current = adminfile.read();
Serial.print(current);
Serial.print('-');
if (current == 0x00)
{
if (current_field)
{
if (password[current_pos] == 0x00)
res = tokenbuffer->newToken();
break;
}
else
{
if (username[current_pos] != 0x00)
break;
current_pos = 0;
current_field = true;
}
}
else if (!current_field)
{
Serial.print(String(username[current_pos]));
if (username[current_pos] == 0x00 || username[current_pos] != current)
break;
current_pos++;
}
else
{
Serial.print(String(password[current_pos]));
if (password[current_pos] == 0x00 || password[current_pos] != current)
break;
current_pos++;
}
Serial.print(',');
}
if (username.equals(adminfile.readStringUntil('\0')) && password.equals(adminfile.readStringUntil('\0')))
res = tokenbuffer->newToken();
adminfile.close();
return res;
}
//char *AdminAuth::login(const char *username, const char *password)
//{
// char *res = nullptr;
// File adminfile = LittleFS.open("admin", "r");
// bool current_field = false;
// uint16_t current_pos = 0;
// Serial.print('-');
// while (adminfile.available())
// {
// char current = adminfile.read();
// Serial.print(current);
// Serial.print('-');
//
// if (current == 0x00)
// {
// if (current_field)
// {
// if (password[current_pos] == 0x00)
// res = tokenbuffer->newToken();
// break;
// }
// else
// {
// if (username[current_pos] != 0x00)
// break;
// current_pos = 0;
// current_field = true;
// }
// }
// else if (current_pos >= MAX_USERNAMEPASSWORD_LENGTH)
// break;
// else if (!current_field)
// {
// Serial.print(String(username[current_pos]));
// if (username[current_pos] == 0x00 || username[current_pos] != current)
// break;
// current_pos++;
// }
// else
// {
// Serial.print(String(password[current_pos]));
// if (password[current_pos] == 0x00 || password[current_pos] != current)
// break;
// current_pos++;
// }
// Serial.print(',');
// }
// adminfile.close();
// return res;
//}
bool AdminAuth::setAuth(const String& username, const String& password)
{
if (username.length() == 0 || username.length() > MAX_USERNAMEPASSWORD_LENGTH || password.length()==0 || password.length() > MAX_USERNAMEPASSWORD_LENGTH)
return false;
File adminfile = LittleFS.open("admin", "w+");
adminfile.print(username);
adminfile.print('\0');
adminfile.print(password);
adminfile.print('\0');
adminfile.seek(0);
adminfile.sendAll(Serial);
delay(1);
adminfile.close();
return true;
}
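Review bot: The new one-line comparison in `login` no longer fails closed when the `admin` file is missing or empty: `readStringUntil('\0')` on an unopened or empty file appears to return an empty String, so a request with an empty username and password would satisfy both `equals` calls and receive a token, whereas the removed loop never ran in that case. Reject empty inputs and an unopened file before comparing, e.g. `if (username.length() == 0 || password.length() == 0) return nullptr;` ahead of the open and `if (!adminfile) return nullptr;` right after it. In `setAuth`, `adminfile.sendAll(Serial);` writes the stored username and password to the serial port, and the password is kept in clear text in the file; drop the serial dump and consider storing a salted hash instead. The commented-out previous `login` can be deleted, since version control already keeps it.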
+4 -1
@@ -2,6 +2,7 @@
#include "LittleFS.h"
#define TOKENBUFFERCAPACITY 3
#define TOKENLENGHT 10
#define MAX_USERNAMEPASSWORD_LENGTH 25
namespace webconsole
{
@@ -67,9 +68,11 @@ namespace webconsole
class AdminAuth
{
public:
char *login(const char *username, const char *password);
//char *login(const char *username, const char *password);
char *login(const String &username,const String &password);
bool isAuth(const char *token);
bool logout(const char *token);
bool setAuth(const String &username, const String &password);
private:
TokenBuffer *tokenbuffer = new TokenBuffer();
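Review bot: The old declaration is left behind as a comment (`//char *login(const char *username, const char *password);`) next to its replacement; delete it rather than keeping dead code in the header. `login` returns a raw `char *` and the header does not say who owns it or that `nullptr` means the credentials were rejected; a comment such as `// Returns a session token, or nullptr when the credentials do not match.` would help, with the ownership of the buffer stated once it has been confirmed against `TokenBuffer::newToken()`. `MAX_USERNAMEPASSWORD_LENGTH` could also say that it counts characters and excludes the NUL separator that `setAuth` writes.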
+9 -3
@@ -76,9 +76,7 @@ void WebConsole::_auth()
}
else if (action.equals("login"))
{
const char *username = _server->arg("username").c_str();
const char *password = _server->arg("password").c_str();
char *token = auth.login(username, password);
char *token = auth.login(_server->arg("username"), _server->arg("password"));
if (token == nullptr)
_server->send(401, "text/plain", "failed!");
else
@@ -90,6 +88,14 @@ void WebConsole::_auth()
bool res = auth.logout(token);
_server->send(200, "text/plain", res ? "success" : "failed");
}
else if (action.equals("update"))
{
//if (!_isAuth())
// return;
bool res = auth.setAuth(_server->arg("username"), _server->arg("password"));
_server->send(200, "text/plain", res ? "success" : "failed");
}
else
_server->send(404, "text/plain", "unknown action");
}
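Review bot: The new `update` branch calls `auth.setAuth(...)` with the `_isAuth()` check commented out, so as written any client that can reach this handler can replace the admin username and password without a valid token. Restore the guard ahead of the call, `if (!_isAuth()) return;`, assuming `_isAuth()` sends the rejection itself; otherwise send a 401 before returning. The branch also answers 200 when `setAuth` returns false; a 400 for rejected input would let clients tell the two cases apart. `_auth()` starts outside the hunks shown.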
+10 -4
@@ -8,6 +8,8 @@
#include "WebConsole.h"
#include "UserDb.h"
#include "Config.h"
#include <ESP8266mDNS.h>
#include <DNSServer.h>
// File config
Config config;
userdb::UserDb userdatabase("userdb.csv");
@@ -23,22 +25,25 @@ Keyboard keyboard(200);
Interface iface;
// Wifi control
IPAddress local_IP(192, 168, 4, 22);
IPAddress gateway(192, 168, 4, 9);
IPAddress gateway(0, 0, 0, 0);
IPAddress subnet(255, 255, 255, 0);
IPAddress dns(192, 168, 178, 1);
DNSServer dnsServer;
void setup()
{
config.loadConfig();
Serial.begin(115200);
Serial.println("Starting System");
Serial.print("\t1. Network config ->");
Serial.println(WiFi.softAPConfig(local_IP, gateway, subnet) ? "Ready" : "Failed!");
WiFi.mode(WIFI_AP);
Serial.println(WiFi.softAPConfig(local_IP, local_IP, subnet) ? "Ready" : "Failed!");
Serial.print("\t2 AP setup " + String(config.SSID)+ " -> ");
if (strlen(config.PASS) > 0)
Serial.println(WiFi.softAP(config.SSID, config.PASS) ? "Ready" : "Failed!");
else
Serial.println(WiFi.softAP(config.SSID) ? "Ready" : "Failed!");
WiFi.hostname("Doorlock");
dnsServer.start(53, "*", local_IP); // DNS spoofing (Only HTTP)
delay(150);
#ifdef DEBUG
userdatabase.print_to_serial();
@@ -52,6 +57,7 @@ void setup()
void loop()
{
dnsServer.processNextRequest();
rfid.scan();
web.serve();
keyboard.scanAsync();
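Review bot: `dnsServer.start(53, "*", local_IP);` discards its result, while the two network steps before it print Ready/Failed; report it the same way, e.g. `Serial.println(dnsServer.start(53, "*", local_IP) ? "Ready" : "Failed!");`, so a resolver that failed to bind is visible at boot. The trailing comment `// DNS spoofing (Only HTTP)` would be clearer as `// Captive portal: answer every DNS query with the AP address; HTTPS requests are not redirected cleanly`. The `gateway` object now set to `0.0.0.0` looks unused in the visible lines, since `softAPConfig` appears to be passed `local_IP` twice; remove it if nothing outside the hunk reads it. Because the admin login and update requests travel over plain HTTP, the existing fallback to an open AP when `config.PASS` is empty leaves those credentials readable to anyone in radio range.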