Password protection for vedirect settings API
This commit is contained in:
helgeerbe
parent
f35395e76f
commit
2c6dff3714
6
.vscode/settings.json
vendored
6
.vscode/settings.json
vendored
@ -1,3 +1,7 @@
|
|||||||
{
|
{
|
||||||
"C_Cpp.clang_format_style": "WebKit"
|
"C_Cpp.clang_format_style": "WebKit",
|
||||||
|
"files.associations": {
|
||||||
|
"*.tcc": "cpp",
|
||||||
|
"algorithm": "cpp"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
@ -3,6 +3,7 @@
|
|||||||
|
|
||||||
#include <ESPAsyncWebServer.h>
|
#include <ESPAsyncWebServer.h>
|
||||||
|
|
||||||
|
|
||||||
class WebApiVedirectClass {
|
class WebApiVedirectClass {
|
||||||
public:
|
public:
|
||||||
void init(AsyncWebServer* server);
|
void init(AsyncWebServer* server);
|
||||||
|
|||||||
@ -7,6 +7,7 @@
|
|||||||
#include "ArduinoJson.h"
|
#include "ArduinoJson.h"
|
||||||
#include "AsyncJson.h"
|
#include "AsyncJson.h"
|
||||||
#include "Configuration.h"
|
#include "Configuration.h"
|
||||||
|
#include "WebApi.h"
|
||||||
#include "helper.h"
|
#include "helper.h"
|
||||||
|
|
||||||
void WebApiVedirectClass::init(AsyncWebServer* server)
|
void WebApiVedirectClass::init(AsyncWebServer* server)
|
||||||
@ -28,7 +29,7 @@ void WebApiVedirectClass::onVedirectStatus(AsyncWebServerRequest* request)
|
|||||||
{
|
{
|
||||||
AsyncJsonResponse* response = new AsyncJsonResponse();
|
AsyncJsonResponse* response = new AsyncJsonResponse();
|
||||||
JsonObject root = response->getRoot();
|
JsonObject root = response->getRoot();
|
||||||
CONFIG_T& config = Configuration.get();
|
const CONFIG_T& config = Configuration.get();
|
||||||
|
|
||||||
root[F("vedirect_enabled")] = config.Vedirect_Enabled;
|
root[F("vedirect_enabled")] = config.Vedirect_Enabled;
|
||||||
root[F("vedirect_pollinterval")] = config.Vedirect_PollInterval;
|
root[F("vedirect_pollinterval")] = config.Vedirect_PollInterval;
|
||||||
@ -40,9 +41,13 @@ void WebApiVedirectClass::onVedirectStatus(AsyncWebServerRequest* request)
|
|||||||
|
|
||||||
void WebApiVedirectClass::onVedirectAdminGet(AsyncWebServerRequest* request)
|
void WebApiVedirectClass::onVedirectAdminGet(AsyncWebServerRequest* request)
|
||||||
{
|
{
|
||||||
|
if (!WebApi.checkCredentials(request)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
AsyncJsonResponse* response = new AsyncJsonResponse();
|
AsyncJsonResponse* response = new AsyncJsonResponse();
|
||||||
JsonObject root = response->getRoot();
|
JsonObject root = response->getRoot();
|
||||||
CONFIG_T& config = Configuration.get();
|
const CONFIG_T& config = Configuration.get();
|
||||||
|
|
||||||
root[F("vedirect_enabled")] = config.Vedirect_Enabled;
|
root[F("vedirect_enabled")] = config.Vedirect_Enabled;
|
||||||
root[F("vedirect_pollinterval")] = config.Vedirect_PollInterval;
|
root[F("vedirect_pollinterval")] = config.Vedirect_PollInterval;
|
||||||
@ -54,6 +59,10 @@ void WebApiVedirectClass::onVedirectAdminGet(AsyncWebServerRequest* request)
|
|||||||
|
|
||||||
void WebApiVedirectClass::onVedirectAdminPost(AsyncWebServerRequest* request)
|
void WebApiVedirectClass::onVedirectAdminPost(AsyncWebServerRequest* request)
|
||||||
{
|
{
|
||||||
|
if (!WebApi.checkCredentials(request)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
AsyncJsonResponse* response = new AsyncJsonResponse();
|
AsyncJsonResponse* response = new AsyncJsonResponse();
|
||||||
JsonObject retMsg = response->getRoot();
|
JsonObject retMsg = response->getRoot();
|
||||||
retMsg[F("type")] = F("warning");
|
retMsg[F("type")] = F("warning");
|
||||||
|
|||||||
@ -111,7 +111,7 @@ const router = createRouter({
|
|||||||
|
|
||||||
router.beforeEach((to, from, next) => {
|
router.beforeEach((to, from, next) => {
|
||||||
// redirect to login page if not logged in and trying to access a restricted page
|
// redirect to login page if not logged in and trying to access a restricted page
|
||||||
const publicPages = ['/', '/login', '/about', '/info/network', '/info/system', '/info/ntp', '/info/mqtt', ];
|
const publicPages = ['/', '/login', '/about', '/info/network', '/info/system', '/info/ntp', '/info/mqtt', '/info/vedirect', ];
|
||||||
const authRequired = !publicPages.includes(to.path);
|
const authRequired = !publicPages.includes(to.path);
|
||||||
const loggedIn = localStorage.getItem('user');
|
const loggedIn = localStorage.getItem('user');
|
||||||
|
|
||||||
|
|||||||
@ -74,7 +74,7 @@ export default defineComponent({
|
|||||||
methods: {
|
methods: {
|
||||||
getVedirectConfig() {
|
getVedirectConfig() {
|
||||||
this.dataLoading = true;
|
this.dataLoading = true;
|
||||||
fetch("api/vedirect/config", { headers: authHeader() })
|
fetch("/api/vedirect/config", { headers: authHeader() })
|
||||||
.then((response) => handleResponse(response, this.$emitter))
|
.then((response) => handleResponse(response, this.$emitter))
|
||||||
.then((data) => {
|
.then((data) => {
|
||||||
this.vedirectConfigList = data;
|
this.vedirectConfigList = data;
|
||||||
|
|||||||
Binary file not shown.
Loading…
Reference in New Issue
Block a user