Support settings pin unlock via JSON
Also supports locking by providing any incorrect pin
This commit is contained in:
Aircoookie
parent
670461c66f
commit
dd9da2853a
@ -1,5 +1,9 @@
|
|||||||
## WLED changelog
|
## WLED changelog
|
||||||
|
|
||||||
|
#### Build 2306140
|
||||||
|
|
||||||
|
- Add settings PIN (un)locking to JSON post API
|
||||||
|
|
||||||
#### Build 2306130
|
#### Build 2306130
|
||||||
- Bumped version to 0.14-b3 (beta 3)
|
- Bumped version to 0.14-b3 (beta 3)
|
||||||
- added pin dropdowns in LED preferences (not for LED pins) and usermods
|
- added pin dropdowns in LED preferences (not for LED pins) and usermods
|
||||||
|
|||||||
@ -443,7 +443,10 @@
|
|||||||
#define DEFAULT_LED_COUNT 30
|
#define DEFAULT_LED_COUNT 30
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define INTERFACE_UPDATE_COOLDOWN 2000 //time in ms to wait between websockets, alexa, and MQTT updates
|
#define INTERFACE_UPDATE_COOLDOWN 2000 // time in ms to wait between websockets, alexa, and MQTT updates
|
||||||
|
|
||||||
|
#define PIN_RETRY_COOLDOWN 3000 // time in ms after an incorrect attempt PIN and OTA pass will be rejected even if correct
|
||||||
|
#define PIN_TIMEOUT 900000 // time in ms after which the PIN will be required again, 15 minutes
|
||||||
|
|
||||||
// HW_PIN_SCL & HW_PIN_SDA are used for information in usermods settings page and usermods themselves
|
// HW_PIN_SCL & HW_PIN_SDA are used for information in usermods settings page and usermods themselves
|
||||||
// which GPIO pins are actually used in a hardwarea layout (controller board)
|
// which GPIO pins are actually used in a hardwarea layout (controller board)
|
||||||
|
|||||||
@ -335,6 +335,7 @@ void releaseJSONBufferLock();
|
|||||||
uint8_t extractModeName(uint8_t mode, const char *src, char *dest, uint8_t maxLen);
|
uint8_t extractModeName(uint8_t mode, const char *src, char *dest, uint8_t maxLen);
|
||||||
uint8_t extractModeSlider(uint8_t mode, uint8_t slider, char *dest, uint8_t maxLen, uint8_t *var = nullptr);
|
uint8_t extractModeSlider(uint8_t mode, uint8_t slider, char *dest, uint8_t maxLen, uint8_t *var = nullptr);
|
||||||
int16_t extractModeDefaults(uint8_t mode, const char *segVar);
|
int16_t extractModeDefaults(uint8_t mode, const char *segVar);
|
||||||
|
void checkSettingsPIN(const char *pin);
|
||||||
uint16_t crc16(const unsigned char* data_p, size_t length);
|
uint16_t crc16(const unsigned char* data_p, size_t length);
|
||||||
um_data_t* simulateSound(uint8_t simulationId);
|
um_data_t* simulateSound(uint8_t simulationId);
|
||||||
void enumerateLedmaps();
|
void enumerateLedmaps();
|
||||||
|
|||||||
@ -10,8 +10,7 @@ void handleSettingsSet(AsyncWebServerRequest *request, byte subPage)
|
|||||||
// PIN code request
|
// PIN code request
|
||||||
if (subPage == 252)
|
if (subPage == 252)
|
||||||
{
|
{
|
||||||
correctPIN = (strlen(settingsPIN)==0 || strncmp(settingsPIN, request->arg(F("PIN")).c_str(), 4)==0);
|
checkSettingsPIN(request->arg(F("PIN")).c_str());
|
||||||
lastEditTime = millis();
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -484,7 +483,7 @@ void handleSettingsSet(AsyncWebServerRequest *request, byte subPage)
|
|||||||
if (otaLock && strcmp(otaPass,request->arg(F("OP")).c_str()) == 0)
|
if (otaLock && strcmp(otaPass,request->arg(F("OP")).c_str()) == 0)
|
||||||
{
|
{
|
||||||
// brute force protection: do not unlock even if correct if last save was less than 3 seconds ago
|
// brute force protection: do not unlock even if correct if last save was less than 3 seconds ago
|
||||||
if (millis() - lastEditTime > 3000) pwdCorrect = true;
|
if (millis() - lastEditTime > PIN_RETRY_COOLDOWN) pwdCorrect = true;
|
||||||
}
|
}
|
||||||
if (!otaLock && request->arg(F("OP")).length() > 0)
|
if (!otaLock && request->arg(F("OP")).length() > 0)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -373,6 +373,16 @@ int16_t extractModeDefaults(uint8_t mode, const char *segVar)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
void checkSettingsPIN(const char* pin) {
|
||||||
|
if (!pin) return;
|
||||||
|
if (!correctPIN && millis() - lastEditTime < PIN_RETRY_COOLDOWN) return; // guard against PIN brute force
|
||||||
|
bool correctBefore = correctPIN;
|
||||||
|
correctPIN = (strlen(settingsPIN) == 0 || strncmp(settingsPIN, pin, 4) == 0);
|
||||||
|
if (correctBefore != correctPIN) createEditHandler(correctPIN);
|
||||||
|
lastEditTime = millis();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
uint16_t crc16(const unsigned char* data_p, size_t length) {
|
uint16_t crc16(const unsigned char* data_p, size_t length) {
|
||||||
uint8_t x;
|
uint8_t x;
|
||||||
uint16_t crc = 0xFFFF;
|
uint16_t crc = 0xFFFF;
|
||||||
|
|||||||
@ -138,7 +138,7 @@ void WLED::loop()
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 15min PIN time-out
|
// 15min PIN time-out
|
||||||
if (strlen(settingsPIN)>0 && millis() - lastEditTime > 900000) {
|
if (strlen(settingsPIN)>0 && correctPIN && millis() - lastEditTime > PIN_TIMEOUT) {
|
||||||
correctPIN = false;
|
correctPIN = false;
|
||||||
createEditHandler(false);
|
createEditHandler(false);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,7 +8,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
// version code in format yymmddb (b = daily build)
|
// version code in format yymmddb (b = daily build)
|
||||||
#define VERSION 2306130
|
#define VERSION 2306140
|
||||||
|
|
||||||
//uncomment this if you have a "my_config.h" file you'd like to use
|
//uncomment this if you have a "my_config.h" file you'd like to use
|
||||||
//#define WLED_USE_MY_CONFIG
|
//#define WLED_USE_MY_CONFIG
|
||||||
|
|||||||
@ -198,6 +198,8 @@ void initServer()
|
|||||||
request->send(400, "application/json", F("{\"error\":9}")); // ERR_JSON
|
request->send(400, "application/json", F("{\"error\":9}")); // ERR_JSON
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
if (root.containsKey("pin")) checkSettingsPIN(root["pin"].as<const char*>());
|
||||||
|
|
||||||
const String& url = request->url();
|
const String& url = request->url();
|
||||||
isConfig = url.indexOf("cfg") > -1;
|
isConfig = url.indexOf("cfg") > -1;
|
||||||
if (!isConfig) {
|
if (!isConfig) {
|
||||||
@ -582,7 +584,7 @@ void serveSettings(AsyncWebServerRequest* request, bool post)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// if OTA locked or too frequent PIN entry requests fail hard
|
// if OTA locked or too frequent PIN entry requests fail hard
|
||||||
if ((subPage == 1 && wifiLock && otaLock) || (post && !correctPIN && millis()-lastEditTime < 3000))
|
if ((subPage == 1 && wifiLock && otaLock) || (post && !correctPIN && millis()-lastEditTime < PIN_RETRY_COOLDOWN))
|
||||||
{
|
{
|
||||||
serveMessage(request, 500, "Access Denied", FPSTR(s_unlock_ota), 254); return;
|
serveMessage(request, 500, "Access Denied", FPSTR(s_unlock_ota), 254); return;
|
||||||
}
|
}
|
||||||
@ -606,10 +608,7 @@ void serveSettings(AsyncWebServerRequest* request, bool post)
|
|||||||
case 252: strcpy_P(s, correctPIN ? PSTR("PIN accepted") : PSTR("PIN rejected")); break;
|
case 252: strcpy_P(s, correctPIN ? PSTR("PIN accepted") : PSTR("PIN rejected")); break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (subPage == 252) {
|
if (subPage != 252) strcat_P(s, PSTR(" settings saved."));
|
||||||
createEditHandler(correctPIN);
|
|
||||||
} else
|
|
||||||
strcat_P(s, PSTR(" settings saved."));
|
|
||||||
|
|
||||||
if (subPage == 252 && correctPIN) {
|
if (subPage == 252 && correctPIN) {
|
||||||
subPage = originalSubPage; // on correct PIN load settings page the user intended
|
subPage = originalSubPage; // on correct PIN load settings page the user intended
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user