adds some tests/exmpl disables auth if ap and cp enabled

tzapu · Nov 18, 2023 · 701edc4 · 701edc4
1 parent 23d7558
commit 701edc4
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 15 deletions.
diff --git a/WiFiManager.cpp b/WiFiManager.cpp
@@ -1302,19 +1302,26 @@ void WiFiManager::HTTPSend(const String &content){
 bool WiFiManager::handleRequest() {
   _webPortalAccessed = millis();
 
-  // We use DIGEST_AUTH since connection is over insecure HTTP
-
+  #ifdef WM_NOAUTH
+  return true;
+  #else
+
+  // Handle basic authentication
   if (!_enableAuth) return true;
+  else if(_enableCaptivePortal) return true; // cannot auth in captiveportal, to prevent breaking cp ignore auth @todo add auth landing page for cp with instructions etc.
 
+  #ifdef WM_DEBUG_LEVEL
   DEBUG_WM(WM_DEBUG_DEV,F("DOING AUTH"));
+  #endif
   bool authenticated = server->authenticate(_authUsername.c_str(), _authPassword.c_str());
   if(!authenticated){
-    #ifndef WM_NOAUTH
     server->requestAuthentication(HTTPAuthMethod::DIGEST_AUTH);
+    #ifdef WM_DEBUG_LEVEL    
+    DEBUG_WM(WM_DEBUG_VERBOSE,F("AUTH FAIL"));
     #endif
-    DEBUG_WM(WM_DEBUG_DEV,F("AUTH FAIL"));
   }
   return authenticated;
+  #endif
 }
 
 /** 
@@ -2416,7 +2423,7 @@ void WiFiManager::handleNotFound() {
  * Return true in that case so the page handler do not try to handle the request again. 
  */
 boolean WiFiManager::captivePortal() {
-
+  // catch client captive portal probe and redirect
   if(!_enableCaptivePortal || !configPortalActive) return false; // skip redirections if cp not enabled or not in ap mode
 
   String serverLoc =  toStringIp(server->client().localIP());

diff --git a/WiFiManager.h b/WiFiManager.h
@@ -570,7 +570,7 @@ class WiFiManager
                                                    // on some conn failure modes will add delays and many retries to work around esp and ap bugs, ie, anti de-auth protections
                                                    // https://github.com/tzapu/WiFiManager/issues/1067
     bool          _allowExit              = true; // allow exit in nonblocking, else user exit/abort calls will be ignored including cptimeout
-    bool          _enableAuth             = false; // enables http digest authentication for all pages
+    bool          _enableAuth             = false; // enables http digest authentication for all pages, not supported in captive portals, we can either force disable auth in cp (IMPEMENTED), or disable cp (with safe landing page)
     String        _authUsername           = "admin"; // default username for http authentication
     String        _authPassword           = "12345"; // default password for http authentication
     #ifdef ESP32
@@ -774,14 +774,15 @@ class WiFiManager
     boolean       connect             = false;
     boolean       abort               = false;
     boolean       reset               = false;
-    boolean       configPortalActive  = false;
 
 
     // these are state flags for portal mode, we are either in webportal mode(STA) or configportal mode(AP)
     // these are mutually exclusive as STA+AP mode is not supported due to channel restrictions and stability
     // if we decide to support this, these checks will need to be replaced with something client aware to check if client origin is ap or web
     // These state checks are critical and used for internal function checks
+    boolean       configPortalActive  = false;
     boolean       webPortalActive     = false;
+
     boolean       portalTimeoutResult = false;
 
     boolean       portalAbortResult   = false;
@@ -793,7 +794,7 @@ class WiFiManager
     int         _max_params;
     WiFiManagerParameter** _params    = NULL;
 
-    boolean _debug  = true;
+    boolean _debug                    = true;
     String _debugPrefix = FPSTR(S_debugPrefix);
 
     wm_debuglevel_t debugLvlShow = WM_DEBUG_VERBOSE; // at which level start showing [n] level tags

diff --git a/examples/Super/OnDemandConfigPortal/OnDemandConfigPortal.ino b/examples/Super/OnDemandConfigPortal/OnDemandConfigPortal.ino
@@ -28,10 +28,10 @@ int  TESP_CP_TIMEOUT = 90; // test cp timeout
 
 bool TEST_NET        = true; // do a network test after connect, (gets ntp time)
 bool ALLOWONDEMAND   = true; // enable on demand
-int  ONDDEMANDPIN    = 0; // gpio for button
+int  ONDDEMANDPIN    = 9; // gpio for button
 bool WMISBLOCKING    = true; // use blocking or non blocking mode, non global params wont work in non blocking
 
-uint8_t BUTTONFUNC   = 1; // 0 resetsettings, 1 configportal, 2 autoconnect
+uint8_t BUTTONFUNC   = 1; // 0 resetsettings, 1 configportal, 2 webportal, 3 config/web-portal(with auth), 9 autoconnect
 
 // char ssid[] = "*************";  //  your network SSID (name)
 // char pass[] = "********";       // your network password
@@ -103,7 +103,7 @@ void setup() {
 
   // put your setup code here, to run once:
   Serial.begin(115200);
-  delay(3000);
+  delay(5000);
   // Serial.setDebugOutput(true);
 
   // WiFi.setTxPower(WIFI_POWER_8_5dBm);
@@ -118,16 +118,20 @@ void setup() {
   Serial.println("[INFORMATION] TEST");  
 
 
+  // Set ESP WIFI specifics 
   // WiFi.setScanMethod(WIFI_ALL_CHANNEL_SCAN); // wifi_scan_method_t scanMethod
   // WiFi.setSortMethod(WIFI_CONNECT_AP_BY_SIGNAL); // wifi_sort_method_t sortMethod - WIFI_CONNECT_AP_BY_SIGNAL,WIFI_CONNECT_AP_BY_SECURITY
   // WiFi.setMinSecurity(WIFI_AUTH_WPA2_PSK);
 
   wm.setDebugOutput(true, WM_DEBUG_DEV);
   wm.debugPlatformInfo();
 
-  wm.setAuthentication(true);
-  // wm.setAuthCredientials("admin","12345"); // default
-
+
+  // enable browser auth (DIGEST_AUTH)
+  // NOTE: auth is not compatible with captiveportal, and WILL BE DISABLED when in configportal(AP) mode if setCaptivePortalEnable is true(default)
+  // wm.setAuthentication(true);
+  // wm.setAuthCredientials("admin","WifiManag3r"); // default admin:12345
+
   //reset settings - for testing
   // wm.resetSettings();
   // wm.erase();
@@ -298,6 +302,9 @@ void setup() {
   // use autoconnect, but prevent configportal from auto starting
   // wm.setEnableConfigPortal(false);
 
+  // disable captiveportal detect/redirect, Will have to goto ap ip in browser to access the configportal
+  // wm.setCaptivePortalEnable(false);
+
   wifiInfo();
 
   // to preload autoconnect with credentials
@@ -363,15 +370,35 @@ void loop() {
 
       // start configportal
       if(BUTTONFUNC == 1){
+        wm.setCaptivePortalEnable(false);
+        // wm.setAuthentication(true);
         if (!wm.startConfigPortal("OnDemandAP","12345678")) {
           Serial.println("failed to connect and hit timeout");
           delay(3000);
         }
         return;
       }
 
-      //test autoconnect as reconnect etc.
+      // start configportal
       if(BUTTONFUNC == 2){
+        wm.startWebPortal();
+        return;
+      }
+
+      // start configportal
+      if(BUTTONFUNC == 3){
+        wm.setCaptivePortalEnable(false);
+        wm.setAuthentication(true);
+        if (!wm.startConfigPortal("OnDemandAP","12345678")) {
+          Serial.println("failed to connect and hit timeout");
+          delay(3000);
+        }
+        return;
+      }
+
+      //test autoconnect as reconnect etc.
+      if(BUTTONFUNC == 9){
+        // wm.setEnableConfigPortal(false);
         wm.setConfigPortalTimeout(TESP_CP_TIMEOUT);
         wm.autoConnect();
         return;