From 80e8e4f7dac018f2cd1cffbea9f461e652b178da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Hru=C5=A1ka?= <ondra@ondrovo.com>
Date: Sat, 23 Sep 2017 01:59:53 +0200
Subject: [PATCH] added username config for basic auth

---
 Makefile          |  1 -
 esphttpdconfig.mk | 11 ++++-------
 front-end         |  2 +-
 user/cgi_system.c | 32 ++++++++++++++++++++++++++++++--
 user/persist.c    |  2 +-
 user/persist.h    |  2 ++
 user/routes.c     | 17 +++++++++++++++--
 user/syscfg.c     |  9 ++++++++-
 user/syscfg.h     |  6 +++++-
 9 files changed, 66 insertions(+), 16 deletions(-)

diff --git a/Makefile b/Makefile
index a0ecbd3..a815b7a 100644
--- a/Makefile
+++ b/Makefile
@@ -69,7 +69,6 @@ CFLAGS		= -Os -std=gnu99 -Werror -Wpointer-arith -Wundef -Wall -Wl,-EL -fno-inli
 
 CFLAGS += -DGIT_HASH_BACKEND='"$(shell git rev-parse --short HEAD)"'
 CFLAGS += -DGIT_HASH_FRONTEND='"$(shell cd front-end && git rev-parse --short HEAD)"'
-CFLAGS += -DADMIN_PASSWORD=$(ADMIN_PASSWORD)
 CFLAGS += -D__TIMEZONE__='"$(shell date +%Z)"'
 
 ifdef GLOBAL_CFLAGS
diff --git a/esphttpdconfig.mk b/esphttpdconfig.mk
index f0a7175..d8b6237 100644
--- a/esphttpdconfig.mk
+++ b/esphttpdconfig.mk
@@ -38,20 +38,17 @@ OUTPUT_TYPE = combined
 # SPI flash size, in K
 ESP_SPI_FLASH_SIZE_K = 1024
 
-# Admin password, used to store settings to flash as defaults
-ADMIN_PASSWORD = "adminpw"
-
 GLOBAL_CFLAGS = \
     -DDEBUG_ROUTER=0 \
     -DDEBUG_CAPTDNS=0 \
     -DDEBUG_HTTP=0 \
     -DDEBUG_ESPFS=0 \
-    -DDEBUG_PERSIST=1 \
+    -DDEBUG_PERSIST=0 \
     -DDEBUG_UTFCACHE=0 \
-    -DDEBUG_CGI=1 \
+    -DDEBUG_CGI=0 \
     -DDEBUG_WIFI=0 \
     -DDEBUG_WS=0 \
-    -DDEBUG_ANSI=0 \
+    -DDEBUG_ANSI=1 \
     -DDEBUG_ANSI_NOIMPL=1 \
     -DDEBUG_INPUT=0 \
     -DDEBUG_HEAP=1 \
@@ -59,6 +56,6 @@ GLOBAL_CFLAGS = \
     -DHTTPD_MAX_BACKLOG_SIZE=8192 \
     -DHTTPD_MAX_HEAD_LEN=1024 \
     -DHTTPD_MAX_POST_LEN=512 \
-    -DDEBUG_LOGBUF_SIZE=2048 \
+    -DDEBUG_LOGBUF_SIZE=1024 \
     -mforce-l32 \
     -DUSE_OPTIMIZE_PRINTF=1
diff --git a/front-end b/front-end
index 172a890..6c64248 160000
--- a/front-end
+++ b/front-end
@@ -1 +1 @@
-Subproject commit 172a890be27476586a54296d6584300ad5bf1888
+Subproject commit 6c6424877c49e3e23f563067a78e79338226359d
diff --git a/user/cgi_system.c b/user/cgi_system.c
index 7329f97..e958f4f 100755
--- a/user/cgi_system.c
+++ b/user/cgi_system.c
@@ -139,11 +139,29 @@ cgiSystemCfgSetParams(HttpdConnData *connData)
 					break;
 				}
 
-				cgi_dbg("Changing access PW!!!");
+				if (strlen(buff) >= 64) {
+					cgi_warn("Too long access_pw %s", buff);
+					redir_url += sprintf(redir_url, "access_pw,");
+					break;
+				}
+
+				cgi_dbg("Changing access PW!");
 				strncpy(sysconf->access_pw, buff, 64);
 			}
 		}
 
+		if (GET_ARG("access_name")) {
+			cgi_dbg("access_name: %s", buff);
+
+			if (!strlen(buff) || strlen(buff) >= 32) {
+				cgi_warn("Too long access_name %s", buff);
+				redir_url += sprintf(redir_url, "access_name,");
+				break;
+			}
+
+			strncpy(sysconf->access_name, buff, 32);
+		}
+
 		if (GET_ARG("admin_pw")) {
 			cgi_dbg("admin_pw: %s", buff);
 
@@ -161,7 +179,13 @@ cgiSystemCfgSetParams(HttpdConnData *connData)
 					break;
 				}
 
-				cgi_dbg("Changing admin PW!!!");
+				if (strlen(buff) >= 64) {
+					cgi_warn("Too long admin_pw %s", buff);
+					redir_url += sprintf(redir_url, "admin_pw,");
+					break;
+				}
+
+				cgi_dbg("Changing admin PW!");
 				strncpy(persist.admin.pw, buff, 64);
 			}
 		}
@@ -211,6 +235,10 @@ tplSystemCfg(HttpdConnData *connData, char *token, void **arg)
 		sprintf(buff, "%d", sysconf->pwlock);
 	}
 
+	if (streq(token, "access_name")) {
+		sprintf(buff, "%s", sysconf->access_name);
+	}
+
 	tplSend(connData, buff, -1);
 	return HTTPD_CGI_DONE;
 }
diff --git a/user/persist.c b/user/persist.c
index c9ea315..cfe189b 100644
--- a/user/persist.c
+++ b/user/persist.c
@@ -101,7 +101,7 @@ static void ICACHE_FLASH_ATTR
 set_admin_block_defaults(void)
 {
 	persist_info("[Persist] Initing admin config block");
-	strcpy(persist.admin.pw, STR(ADMIN_PASSWORD));
+	strcpy(persist.admin.pw, DEFAULT_ADMIN_PW);
 	persist.admin.version = ADMINCONF_VERSION;
 }
 
diff --git a/user/persist.h b/user/persist.h
index 8f6c15a..7591873 100644
--- a/user/persist.h
+++ b/user/persist.h
@@ -14,6 +14,8 @@
 #include "screen.h"
 #include "syscfg.h"
 
+#define DEFAULT_ADMIN_PW "adminpw"
+
 // Changing this could be used to force-erase the config area
 // after a firmware upgrade
 #define CHECKSUM_SALT 5
diff --git a/user/routes.c b/user/routes.c
index 45e961c..9dfd8a5 100644
--- a/user/routes.c
+++ b/user/routes.c
@@ -13,6 +13,7 @@
 #include "cgi_term_cfg.h"
 #include "cgi_persist.h"
 #include "syscfg.h"
+#include "persist.h"
 
 /**
  * Password for WiFi config
@@ -20,10 +21,15 @@
 static int ICACHE_FLASH_ATTR wifiPassFn(HttpdConnData *connData, int no, char *user, int userLen, char *pass, int passLen)
 {
 	if (no == 0) {
-		os_strcpy(user, "admin");
+		os_strcpy(user, sysconf->access_name);
 		os_strcpy(pass, sysconf->access_pw);
 		return 1;
 	}
+	if (no == 1) {
+		os_strcpy(user, "admin");
+		os_strcpy(pass, persist.admin.pw);
+		return 1;
+	}
 	return 0;
 }
 
@@ -31,6 +37,8 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiOptionalPwLock(HttpdConnData *connData)
 {
 	bool protect = false;
 
+	http_dbg("Route, %s, pwlock=%d", connData->url, sysconf->pwlock);
+
 	switch (sysconf->pwlock) {
 		case PWLOCK_ALL:
 			protect = true;
@@ -63,12 +71,17 @@ httpd_cgi_state ICACHE_FLASH_ATTR cgiOptionalPwLock(HttpdConnData *connData)
 		if (strstarts(connData->url, "/system/cls")) protect = true;
 	}
 
-	if (sysconf->access_pw[0] == 0) protect = false;
+	if (sysconf->access_pw[0] == 0) {
+		http_dbg("Access PW is nil, no protection.");
+		protect = false;
+	}
 
 	if (protect) {
+		http_dbg("Page is protected!");
 		connData->cgiArg = wifiPassFn;
 		return authBasic(connData);
 	} else {
+		http_dbg("Not protected");
 		return HTTPD_CGI_NOTFOUND;
 	}
 }
diff --git a/user/syscfg.c b/user/syscfg.c
index cfa0695..f9004da 100644
--- a/user/syscfg.c
+++ b/user/syscfg.c
@@ -15,9 +15,16 @@ sysconf_apply_settings(void)
 	bool changed = false;
 	if (sysconf->config_version < 1) {
 		dbg("Upgrading syscfg to v 1");
-		changed = true;
 		sysconf->access_pw[0] = 0;
 		sysconf->pwlock = PWLOCK_NONE;
+		changed = true;
+	}
+
+	if (sysconf->config_version < 2) {
+		dbg("Upgrading syscfg to v 2");
+		strcpy(sysconf->access_pw, DEF_ACCESS_PW);
+		strcpy(sysconf->access_name, DEF_ACCESS_NAME);
+		changed = true;
 	}
 
 	sysconf->config_version = SYSCONF_VERSION;
diff --git a/user/syscfg.h b/user/syscfg.h
index c7a47f3..359e0c9 100644
--- a/user/syscfg.h
+++ b/user/syscfg.h
@@ -10,7 +10,10 @@
 // Size designed for the wifi config structure
 // Must be constant to avoid corrupting user config after upgrade
 #define SYSCONF_SIZE 300
-#define SYSCONF_VERSION 1
+#define SYSCONF_VERSION 2
+
+#define DEF_ACCESS_PW "1234"
+#define DEF_ACCESS_NAME "espterm"
 
 enum pwlock {
 	PWLOCK_NONE = 0,
@@ -28,6 +31,7 @@ typedef struct {
 	u8 config_version;
 	enum pwlock pwlock : 8; // page access lock
 	char access_pw[64]; // access password
+	char access_name[32]; // access name
 } SystemConfigBundle;
 
 extern SystemConfigBundle * const sysconf;