nova
/
esp8266-react-framework
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Fork of the excellent esp8266-react - https://github.com/rjwats/esp8266-react
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
257 Commits
1 Branch
0 Tags
4.4 MiB
Tree: 003fd8af28
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '003fd8af28'
${ noResults }
esp8266-react-framework/lib/framework/SecurityManager.h

102 lines
2.6 KiB
Raw Normal View History

playing with some ideas for security management
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
messing around with JWT implementation
5 years ago
add security to all admin endpoints
5 years ago
Factory reset feature (#114) Implemented factory-reset feature Extract factory settings into separate ini file Hide reset/factory reset from guest user Co-authored-by: kasedy <kasedy@gmail.com>
4 years ago
Rework backend add MQTT and WebSocket support * Update back end to add MQTT and WebSocket support * Update demo project to demonstrate MQTT and WebSockets * Update documentation to describe newly added and modified functionallity * Introduce separate MQTT pub/sub, HTTP get/post and WebSocket rx/tx classes * Significant reanaming - more accurate class names * Use PROGMEM_WWW as default * Update README documenting PROGMEM_WWW as default * Update README with API changes
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
Factory reset feature (#114) Implemented factory-reset feature Extract factory settings into separate ini file Hide reset/factory reset from guest user Co-authored-by: kasedy <kasedy@gmail.com>
4 years ago
Start work on security manager
5 years ago
Rework backend add MQTT and WebSocket support * Update back end to add MQTT and WebSocket support * Update demo project to demonstrate MQTT and WebSockets * Update documentation to describe newly added and modified functionallity * Introduce separate MQTT pub/sub, HTTP get/post and WebSocket rx/tx classes * Significant reanaming - more accurate class names * Use PROGMEM_WWW as default * Update README documenting PROGMEM_WWW as default * Update README with API changes
4 years ago
add authentication service
5 years ago
Start work on security manager
5 years ago
add JWT encoding
5 years ago
Start work on security manager
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
WIP - more experimenting with the security manager
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
WIP - more experimenting with the security manager
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
add security to all admin endpoints
5 years ago
Start work on security manager
5 years ago
add security to all admin endpoints
5 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Use references & flash strings where approperate (#110) * pass originId as const reference * store strings for serial logging in flash * Use string references where approperate.
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
Rework backend add MQTT and WebSocket support * Update back end to add MQTT and WebSocket support * Update demo project to demonstrate MQTT and WebSockets * Update documentation to describe newly added and modified functionallity * Introduce separate MQTT pub/sub, HTTP get/post and WebSocket rx/tx classes * Significant reanaming - more accurate class names * Use PROGMEM_WWW as default * Update README documenting PROGMEM_WWW as default * Update README with API changes
4 years ago
reformat with .clang-format based on google's spec with some minor changes
5 years ago
External config Allow config to be accessed from outside the framework core code.
4 years ago
Rework backend add MQTT and WebSocket support * Update back end to add MQTT and WebSocket support * Update demo project to demonstrate MQTT and WebSockets * Update documentation to describe newly added and modified functionallity * Introduce separate MQTT pub/sub, HTTP get/post and WebSocket rx/tx classes * Significant reanaming - more accurate class names * Use PROGMEM_WWW as default * Update README documenting PROGMEM_WWW as default * Update README with API changes
4 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
Rework backend add MQTT and WebSocket support * Update back end to add MQTT and WebSocket support * Update demo project to demonstrate MQTT and WebSockets * Update documentation to describe newly added and modified functionallity * Introduce separate MQTT pub/sub, HTTP get/post and WebSocket rx/tx classes * Significant reanaming - more accurate class names * Use PROGMEM_WWW as default * Update README documenting PROGMEM_WWW as default * Update README with API changes
4 years ago
Start work on security manager
5 years ago
Allow features to be disabled at build time (#143) * Add framework for built-time feature selection * Allow MQTT, NTP, OTA features to be disabled at build time * Allow Project screens to be disabled at build time * Allow security features to be disabled at build time * Switch to std::function for StatefulService function aliases for greater flexibility * Bump various UI lib versions * Update docs
4 years ago
  1. #ifndef SecurityManager_h
  2. #define SecurityManager_h
  4. #include <Features.h>
  5. #include <ArduinoJsonJWT.h>
  6. #include <ESPAsyncWebServer.h>
  7. #include <ESPUtils.h>
  8. #include <AsyncJson.h>
  9. #include <list>
  11. #ifndef FACTORY_JWT_SECRET
  12. #define FACTORY_JWT_SECRET ESPUtils::defaultDeviceValue()
  13. #endif
  15. #define ACCESS_TOKEN_PARAMATER "access_token"
  17. #define AUTHORIZATION_HEADER "Authorization"
  18. #define AUTHORIZATION_HEADER_PREFIX "Bearer "
  19. #define AUTHORIZATION_HEADER_PREFIX_LEN 7
  21. #define MAX_JWT_SIZE 128
  23. class User {
  24. public:
  25. String username;
  26. String password;
  27. bool admin;
  29. public:
  30. User(String username, String password, bool admin) : username(username), password(password), admin(admin) {
  31. }
  32. };
  34. class Authentication {
  35. public:
  36. User* user;
  37. boolean authenticated;
  39. public:
  40. Authentication(User& user) : user(new User(user)), authenticated(true) {
  41. }
  42. Authentication() : user(nullptr), authenticated(false) {
  43. }
  44. ~Authentication() {
  45. delete (user);
  46. }
  47. };
  49. typedef std::function<boolean(Authentication& authentication)> AuthenticationPredicate;
  51. class AuthenticationPredicates {
  52. public:
  53. static bool NONE_REQUIRED(Authentication& authentication) {
  54. return true;
  55. };
  56. static bool IS_AUTHENTICATED(Authentication& authentication) {
  57. return authentication.authenticated;
  58. };
  59. static bool IS_ADMIN(Authentication& authentication) {
  60. return authentication.authenticated && authentication.user->admin;
  61. };
  62. };
  64. class SecurityManager {
  65. public:
  66. #if FT_ENABLED(FT_SECURITY)
  67. /*
  68. * Authenticate, returning the user if found
  69. */
  70. virtual Authentication authenticate(const String& username, const String& password) = 0;
  72. /*
  73. * Generate a JWT for the user provided
  74. */
  75. virtual String generateJWT(User* user) = 0;
  77. #endif
  79. /*
  80. * Check the request header for the Authorization token
  81. */
  82. virtual Authentication authenticateRequest(AsyncWebServerRequest* request) = 0;
  84. /**
  85. * Filter a request with the provided predicate, only returning true if the predicate matches.
  86. */
  87. virtual ArRequestFilterFunction filterRequest(AuthenticationPredicate predicate) = 0;
  89. /**
  90. * Wrap the provided request to provide validation against an AuthenticationPredicate.
  91. */
  92. virtual ArRequestHandlerFunction wrapRequest(ArRequestHandlerFunction onRequest,
  93. AuthenticationPredicate predicate) = 0;
  95. /**
  96. * Wrap the provided json request callback to provide validation against an AuthenticationPredicate.
  97. */
  98. virtual ArJsonRequestHandlerFunction wrapCallback(ArJsonRequestHandlerFunction onRequest,
  99. AuthenticationPredicate predicate) = 0;
  100. };
  102. #endif // end SecurityManager_h