patrick/OpenDTU
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix: force websocket clients to authenticate

Browse Source 
when changing the security settings (disabling read-only access or
changing the password), existing websocket connections are now closed,
forcing the respective clients to authenticate (with the new password).
otherwise, existing websocket clients keep connected even though the
security settings now expect authentication with a (changed) password.
This commit is contained in:
Bernhard Kirchen 2024-09-30 15:53:30 +02:00
parent ebb225f6c0
commit d5d1a9982f
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/WebApi_ws_console.cpp
View File

@ -36,8 +36,11 @@ void WebApiWsConsoleClass::reload()
if (config.Security.AllowReadonly) { return; }
_ws.enable(false);
_simpleDigestAuth.setPassword(config.Security.Password);
_ws.addMiddleware(&_simpleDigestAuth);
_ws.closeAll();
_ws.enable(true);
}
void WebApiWsConsoleClass::wsCleanupTaskCb()

3
src/WebApi_ws_live.cpp
View File

@ -50,8 +50,11 @@ void WebApiWsLiveClass::reload()
if (config.Security.AllowReadonly) { return; }
_ws.enable(false);
_simpleDigestAuth.setPassword(config.Security.Password);
_ws.addMiddleware(&_simpleDigestAuth);
_ws.closeAll();
_ws.enable(true);
}
void WebApiWsLiveClass::wsCleanupTaskCb()