From ab35a3ff89fc8b6dcafdcb3078ec819c24ecf725 Mon Sep 17 00:00:00 2001
From: Eric Duminil <eric.duminil@gmail.com>
Date: Sun, 13 Feb 2022 00:13:08 +0100
Subject: [PATCH] use AP password for HTTP

---
 ampel-firmware/web_config.cpp | 15 +++++++++++----
 ampel-firmware/web_config.h   |  6 ++++--
 ampel-firmware/web_server.cpp | 20 ++------------------
 3 files changed, 17 insertions(+), 24 deletions(-)

diff --git a/ampel-firmware/web_config.cpp b/ampel-firmware/web_config.cpp
index b6f3656..e336aca 100644
--- a/ampel-firmware/web_config.cpp
+++ b/ampel-firmware/web_config.cpp
@@ -1,5 +1,7 @@
 #include "web_config.h"
 
+#define STRING_LEN 40 // Should be enough for ip, addresses, passwords...
+
 #if defined(ESP8266)
 #  include <ESP8266WebServer.h>
 #elif defined(ESP32)
@@ -37,7 +39,7 @@ namespace web_config {
 
   IotWebConf *iotWebConf;
 
-  const char config_version[IOTWEBCONF_CONFIG_VERSION_LENGTH] = "a08"; // -- Configuration specific key. The value should be modified if config structure was changed.
+  const char config_version[IOTWEBCONF_CONFIG_VERSION_LENGTH] = "a09"; // -- Configuration specific key. The value should be modified if config structure was changed.
   using namespace iotwebconf;
 
   /**
@@ -89,9 +91,6 @@ namespace web_config {
   IntTParameter<uint16_t> ledCountParam = Builder<IntTParameter<uint16_t>>("led_count").label("LED ring").defaultValue(
   LED_COUNT).min(12).max(16).step(4).build();
 
-//  #  define HTTP_USER "co2ampel"
-//  #  define HTTP_PASSWORD "my_password"
-
   /**
    * CSV
    */
@@ -290,6 +289,10 @@ namespace config {
     return web_config::iotWebConf->getWifiSsidParameter()->valueBuffer;
   }
 
+  char* ap_password() {
+    return web_config::iotWebConf->getApPasswordParameter()->valueBuffer;
+  }
+
   // Sensor
   uint16_t &measurement_timestep = web_config::timestepParam.value(); // [s] Value between 2 and 1800 (range for SCD30 sensor).
   uint16_t &altitude_above_sea_level = web_config::altitudeParam.value(); // [m]
@@ -330,6 +333,10 @@ namespace config {
   bool &mqtt_encryption = web_config::mqttEncryptionParam.value();
   bool &allow_mqtt_commands = web_config::mqttCommandsParam.value();
 
+  // HTTP
+//  const char *http_user = IOTWEBCONF_ADMIN_USER_NAME; // "admin" by default
+//  char *http_password = web_config::iotWebConf->getApPasswordParameter()->valueBuffer;
+
   // LORAWAN
 #if defined(ESP32)
   bool lorawan_active() {
diff --git a/ampel-firmware/web_config.h b/ampel-firmware/web_config.h
index 830f9f8..ec82ad3 100644
--- a/ampel-firmware/web_config.h
+++ b/ampel-firmware/web_config.h
@@ -1,8 +1,6 @@
 #ifndef AMPEL_WEB_CONFIG_H_
 #define AMPEL_WEB_CONFIG_H_
 
-#define STRING_LEN 64 //TODO: Shorter?
-
 #if defined(ESP8266)
 #  include <ESP8266WebServer.h>
 #elif defined(ESP32)
@@ -14,6 +12,7 @@ namespace config {
 
   // WiFi
   char* selected_ssid();
+  char* ap_password();
   extern bool &wifi_active; // [true / false]
 
   // Sensor
@@ -47,6 +46,9 @@ namespace config {
   extern bool &mqtt_encryption; // [true / false]
   extern bool &allow_mqtt_commands; // [true / false]
 
+  // HTTP
+  const char http_user[] = "admin"; // "admin" by default
+
   // LORAWAN
 #if defined(ESP32)
   bool lorawan_active(); // also defined for ESP8266, and set to false
diff --git a/ampel-firmware/web_server.cpp b/ampel-firmware/web_server.cpp
index b1ab82c..d35c4a3 100644
--- a/ampel-firmware/web_server.cpp
+++ b/ampel-firmware/web_server.cpp
@@ -1,7 +1,6 @@
 #include "web_server.h"
 
 #include "web_config.h"
-#include "config.h" // TODO: Remove once HTTP_USER and HTTP_PASSWORD are in web_config
 #include "util.h"
 #include "ntp.h"
 #include "wifi_util.h"
@@ -17,21 +16,6 @@
 #  include <WebServer.h>
 #endif
 
-namespace config {
-  // Values should be defined in config.h
-#ifdef HTTP_USER
-  const char *http_user = HTTP_USER;
-#else
-  const char *http_user = "";
-#endif
-#ifdef HTTP_PASSWORD
-  const char *http_password = HTTP_PASSWORD;
-#else
-  const char *http_password = "";
-#endif
-
-}
-
 namespace web_server {
 
   const char *header_template;
@@ -182,8 +166,8 @@ namespace web_server {
 
   // Allow access if http_user or http_password are empty, or if provided credentials match
   bool shouldBeAllowed() {
-    return strcmp(config::http_user, "") == 0 || strcmp(config::http_password, "") == 0
-        || web_config::http.authenticate(config::http_user, config::http_password);
+    return strcmp(config::http_user, "") == 0 || strcmp(config::ap_password(), "") == 0
+        || web_config::http.authenticate(config::http_user, config::ap_password());
   }
 
   void handleWebServerRoot() {
-- 
GitLab