Rick Watson
5 years ago
3 changed files with 140 additions and 0 deletions
@ -0,0 +1,15 @@ |
|||
{ |
|||
"jwt_secret":"esp8266-react", |
|||
"users": [ |
|||
{ |
|||
"username": "admin", |
|||
"password": "admin", |
|||
"role": "admin" |
|||
}, |
|||
{ |
|||
"username": "guest", |
|||
"password": "guest", |
|||
"role": "guest" |
|||
} |
|||
] |
|||
} |
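Review bot: The defaults committed in this file give every device the same `"jwt_secret":"esp8266-react"` and the same `admin`/`admin` and `guest`/`guest` accounts, so once token verification is implemented a token signed on one unit would presumably verify on any other unit still running the defaults. The secret should be generated per device on first boot (or injected at build time) rather than committed. The firmware should also require the default passwords to be changed before the REST API accepts logins. The `password` fields are stored in clear text; a salted hash would keep a read of this file from disclosing the credentials.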
@ -0,0 +1,51 @@ |
|||
#include <SecurityManager.h>
|
|||
|
|||
SecurityManager::SecurityManager(AsyncWebServer* server, FS* fs) : SettingsPersistence(fs, SECURITY_SETTINGS_FILE) { |
|||
} |
|||
|
|||
SecurityManager::~SecurityManager() {} |
|||
|
|||
void SecurityManager::readFromJsonObject(JsonObject& root) { |
|||
_jwtSecret = root["jwt_secret"] | DEFAULT_JWT_SECRET; |
|||
|
|||
while (_numUsers > 0){ |
|||
delete _users[--_numUsers]; |
|||
} |
|||
|
|||
if (root["users"].is<JsonArray>()) { |
|||
JsonArray users = root["users"]; |
|||
_numUsers = 0; |
|||
// TODO - complete defence against bad data
|
|||
for (int i =0; i < min(SECURITY_MANAGER_MAX_USERS, (int) users.size()); i++){ |
|||
JsonObject user = users[i]; |
|||
String username = user["username"];; |
|||
String password = user["password"]; |
|||
String role = user["role"]; |
|||
_users[_numUsers++] = new User(username, password, role); |
|||
} |
|||
} |
|||
} |
|||
|
|||
void SecurityManager::writeToJsonObject(JsonObject& root) { |
|||
// TODO
|
|||
} |
|||
|
|||
void SecurityManager::begin() { |
|||
// TODO
|
|||
} |
|||
|
|||
User SecurityManager::verifyUser(String jwt) { |
|||
// TODO
|
|||
return NOT_AUTHENTICATED; |
|||
} |
|||
User authenticate(String username, String password) { |
|||
// TODO
|
|||
return NOT_AUTHENTICATED; |
|||
} |
|||
|
|||
String generateJWT(User user) { |
|||
// TODO
|
|||
return ""; |
|||
} |
|||
|
|||
|
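Review bot: `_numUsers` and `_users` are never initialised: the constructor's initialiser list only sets up `SettingsPersistence`, so unless the object happens to be zero-initialised, the first `readFromJsonObject` call runs `while (_numUsers > 0) delete _users[--_numUsers];` on an indeterminate count and can `delete` garbage pointers or index outside the array. Initialise them in the constructor, `SettingsPersistence(fs, SECURITY_SETTINGS_FILE), _users{}, _numUsers(0)`, and free the users in `~SecurityManager()`, which is currently empty. The loop under `// TODO - complete defence against bad data` turns every array element into a `User`, even one that is not an object or lacks `username`/`password`/`role`; a check such as `user["username"].is<const char*>()` belongs there before `new User(...)`. `authenticate` and `generateJWT` are defined without the `SecurityManager::` qualifier, so they are free functions and do not implement the members declared in the header.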
@ -0,0 +1,74 @@ |
|||
#ifndef APSettingsConfig_h |
|||
#define APSettingsConfig_h |
|||
|
|||
#include <SettingsService.h> |
|||
#include <DNSServer.h> |
|||
#include <IPAddress.h> |
|||
|
|||
#define DEFAULT_JWT_SECRET "esp8266-react" |
|||
|
|||
#define SECURITY_SETTINGS_FILE "/config/securitySettings.json" |
|||
#define AUTHENTICATE_PATH "/rest/authenticate" |
|||
|
|||
#define SECURITY_MANAGER_MAX_USERS 5 |
|||
|
|||
#define UNAUTHENTICATED_USERNAME "" |
|||
#define UNAUTHENTICATED_PASSWORD "" |
|||
#define UNAUTHENTICATED_ROLE "" |
|||
|
|||
#define ROLE_ADMIN "admin" |
|||
#define ROLE_GUEST "guest" |
|||
|
|||
class User { |
|||
private: |
|||
String _username; |
|||
String _password; |
|||
String _role; |
|||
public: |
|||
User(String username, String password, String role): _username(username), _password(password), _role(role) {} |
|||
String getUsername() { |
|||
return _username; |
|||
} |
|||
String getPassword() { |
|||
return _password; |
|||
} |
|||
String getRole() { |
|||
return _role; |
|||
} |
|||
bool isAuthenticated() { |
|||
return _username != UNAUTHENTICATED_USERNAME; |
|||
} |
|||
bool isAdmin() { |
|||
return isAuthenticated() && _username == ROLE_ADMIN; |
|||
} |
|||
}; |
|||
|
|||
const User NOT_AUTHENTICATED = User(UNAUTHENTICATED_USERNAME, UNAUTHENTICATED_PASSWORD, UNAUTHENTICATED_ROLE); |
|||
|
|||
class SecurityManager : public SettingsPersistence { |
|||
|
|||
public: |
|||
|
|||
SecurityManager(AsyncWebServer* server, FS* fs); |
|||
~SecurityManager(); |
|||
|
|||
void begin(); |
|||
|
|||
User verifyUser(String jwt); |
|||
User authenticate(); |
|||
String generateJWT(User user); |
|||
|
|||
protected: |
|||
|
|||
void readFromJsonObject(JsonObject& root); |
|||
void writeToJsonObject(JsonObject& root); |
|||
|
|||
private: |
|||
|
|||
// access point settings |
|||
String _jwtSecret; |
|||
User *_users[SECURITY_MANAGER_MAX_USERS]; |
|||
int _numUsers; |
|||
}; |
|||
|
|||
#endif // end APSettingsConfig_h |
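Review bot: `User::isAdmin()` tests the username instead of the role: `return isAuthenticated() && _username == ROLE_ADMIN;` grants admin to any account named "admin" whatever its `role`, and denies it to an admin-role account with another name. It should read `return isAuthenticated() && _role == ROLE_ADMIN;`. The getters and `isAuthenticated()`/`isAdmin()` are not `const`, so they cannot be called on the `const User NOT_AUTHENTICATED` object defined just below the class. The include guard `APSettingsConfig_h` and the `// access point settings` comment look copied from another header; if that header uses the same guard, whichever is included second is silently skipped, so a guard such as `SecurityManager_h` would be safer. `DEFAULT_JWT_SECRET` is a compile-time constant, so a device whose settings file lacks `jwt_secret` falls back to a publicly known signing key.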