Simple password protection added to allow users to lock their RepRap. NB this is not (nor should it be) full SSL/https encryption stuff.

2013-02-20 20:37:31 +00:00 · 2013-02-20 20:37:31 +00:00 · e4981fe819
commit e4981fe819
parent 8673ad40ca
8 changed files with 179 additions and 36 deletions
--- a/Platform.h
+++ b/Platform.h
@ -260,7 +260,6 @@ class Platform
  void ClientMonitor();
  
  byte mac[MAC_BYTES];
-  IPAddress* ip;
  EthernetServer* server;
  EthernetClient client;
  int clientStatus;
--- a/Platform.ino
+++ b/Platform.ino
@ -139,10 +139,6 @@ void Platform::init()
  // Network

  mac = MAC;
-  ip = new IPAddress(IP0, IP1, IP2, IP3);
-  // Initialize the Ethernet server library
-  // with the IP address and port you want to use 
-  // (port 80 is default for HTTP):
  server = new EthernetServer(HTTP_PORT);
  
  // disable SD SPI while starting w5100
@ -150,7 +146,7 @@ void Platform::init()
  pinMode(SD_SPI, OUTPUT);
  digitalWrite(SD_SPI,HIGH);   

-  Ethernet.begin(mac, *ip);
+  Ethernet.begin(mac, *(new IPAddress(IP0, IP1, IP2, IP3)));
  server->begin();
  
  //Serial.print("server is at ");
--- a/SD-image/html404.htm
+++ b/SD-image/html404.htm
@ -4,5 +4,15 @@
 <title>404 Error</title>
 </head>
 <body>
-<h1>RepRapPro Firmware - 404 Error: page not found.</h1>
+
+<center>
+<h3>
+RepRap Web Interface
+<br><br><br>
+
+404 Error: page not found.
+</h3>
+
+</center>
+
 </body></html>
--- a/SD-image/html404.htm~
+++ b/SD-image/html404.htm~
@ -0,0 +1,18 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<title>404 Error</title>
+</head>
+<body>
+
+<center>
+<h3>
+RepRap Web Interface
+<br><br><br>
+
+RepRapPro Firmware - 404 Error: page not found.
+</h3>
+
+</center>
+
+</body></html>
--- a/SD-image/passwd.htm
+++ b/SD-image/passwd.htm
@ -0,0 +1,17 @@
+<!DOCTYPE HTML>
+<html>
+
+<center>
+<h3>
+RepRap Web Interface
+</h3>
+
+
+<form name="input" action="gather.asp" method="get">
+Password: <input type="password" name="pwd">
+<input type="submit" value="Submit">
+</form>
+
+</center> 
+
+</html>
--- a/SD-image/passwd.htm~
+++ b/SD-image/passwd.htm~
@ -0,0 +1,17 @@
+<!DOCTYPE HTML>
+<html>
+
+<center>
+<h3>
+RepRap Web Interface
+</h3>
+
+
+<form name="input" action="passwd.asp" method="get">
+Password: <input type="password" name="pwd">
+<input type="submit" value="Submit">
+</form>
+
+</center> 
+
+</html>
--- a/Webserver.h
+++ b/Webserver.h
@ -26,6 +26,10 @@ Licence: GPL

 #define CLIENT_CLOSE_DELAY 1000 // Microseconds to wait after serving a page

+#define DEFAULT_PASSWORD "reprap"
+#define PASSWORD_PAGE "passwd.htm"
+#define STRING_LENGTH 1000
+
 class Webserver
 {   
  public:
@ -35,11 +39,14 @@ class Webserver
    
  private:
  
-    void CheckClientLine();
+    void ParseClientLine();
    void IncomingByte(unsigned char b);
    void SendFile(char* nameOfFileToSend);
    void WriteByte();
-    boolean fileHasExtension(char* fileName, char* extension);
+    boolean StringEndsWith(char* string, char* ending);
+    boolean StringStartsWith(char* string, char* starting);
+    void ParseQualifier();
+    void CheckPassword();
    
    Platform* platform;
    unsigned long lastTime;
@ -48,9 +55,12 @@ class Webserver
    boolean clientLineIsBlank;
    unsigned long clientCloseTime;
    boolean needToCloseClient;
-    char clientLine[1000];
-    char clientRequest[1000];
+    char clientLine[STRING_LENGTH];
+    char clientRequest[STRING_LENGTH];
+    char clientQualifier[STRING_LENGTH];
    int clientLinePointer;
+    boolean gotPassword;
+    char* password;
 };


--- a/Webserver.ino
+++ b/Webserver.ino
@ -34,38 +34,64 @@ Webserver::Webserver(Platform* p)
  clientLinePointer = 0;
  clientLine[0] = 0;
  clientRequest[0] = 0;
+  password = DEFAULT_PASSWORD;
+  gotPassword = false;
 }

-boolean Webserver::fileHasExtension(char* fileName, char* extension)
+boolean Webserver::StringEndsWith(char* string, char* ending)
 {
-  int j = strlen(fileName);
-  int k = strlen(extension);
+  int j = strlen(string);
+  int k = strlen(ending);
  if(k > j)
    return false;
  
-  return(!strcmp(&fileName[j - k], extension));
+  return(!strcmp(&string[j - k], ending));
+}
+
+boolean Webserver::StringStartsWith(char* string, char* starting)
+{ 
+  int j = strlen(string);
+  int k = strlen(starting);
+  if(k > j)
+    return false;
+  
+  for(int i = 0; i < k; i++)
+    if(string[i] != starting[i])
+      return false;
+      
+  return true;
 }

 void Webserver::SendFile(char* nameOfFileToSend)
 {
-    platform->SendToClient("HTTP/1.1 200 OK\n");
-    if(fileHasExtension(nameOfFileToSend, ".png"))
-      platform->SendToClient("Content-Type: image/png\n");
-    else
-      platform->SendToClient("Content-Type: text/html\n");
-    platform->SendToClient("Connnection: close\n");
+  if(!gotPassword)
+    nameOfFileToSend = PASSWORD_PAGE;
+    
+  platform->SendToClient("HTTP/1.1 200 OK\n");
+  
+  if(StringEndsWith(nameOfFileToSend, ".png"))
+    platform->SendToClient("Content-Type: image/png\n");
+  else
+    platform->SendToClient("Content-Type: text/html\n");
+    
+  platform->SendToClient("Connnection: close\n");
+  
 //          if(loadingImage)
 //          {
 //           platform->SendToHost("Cache-Control: max-age=3600\n");
 //           Serial.println("Image requested");
 //          }
-    platform->SendToClient('\n');
-    //Serial.print("File requested: ");
-    //Serial.println(nameOfFileToSend);
-    fileBeingSent = platform->OpenFile(nameOfFileToSend, false);
-    if(fileBeingSent < 0)
-        fileBeingSent = platform->OpenFile("html404.htm", false);
-    writing = true; 
+
+  platform->SendToClient('\n');
+  
+  //Serial.print("File requested: ");
+  //Serial.println(nameOfFileToSend);
+  
+  fileBeingSent = platform->OpenFile(nameOfFileToSend, false);
+  if(fileBeingSent < 0)
+      fileBeingSent = platform->OpenFile("html404.htm", false);
+      
+  writing = true; 
 }

 void Webserver::WriteByte()
@ -82,28 +108,78 @@ void Webserver::WriteByte()
    }  
 }

-void Webserver::CheckClientLine()
+
+/*
+
+Parse a string in clientLine[] from the user's web browser
+
+Simple requests have the form:
+
+GET /page2.htm HTTP/1.1
+     ^  Start clientRequest[] at clientLine[5]; stop at the blank or...
+
+...fancier ones with arguments after a '?' go:
+
+GET /gather.asp?pwd=my_pwd HTTP/1.1
+     ^ Start clientRequest[]
+                ^ Start clientQualifier[]
+*/
+
+void Webserver::ParseClientLine()
 { 
-  if(!(clientLine[0] == 'G' && clientLine[1] == 'E' && clientLine[2] == 'T'))
+  if(!StringStartsWith(clientLine, "GET"))
    return;
  
  int i = 5;
  int j = 0;
  clientRequest[j] = 0;
-  while(clientLine[i] != ' ')
+  while(clientLine[i] != ' ' && clientLine[i] != '?')
  {
    clientRequest[j] = clientLine[i];
    j++;
    i++;
  }
  clientRequest[j] = 0;
+  if(clientLine[i] == '?')
+  {
+    i++;
+    j = 0;
+    while(clientLine[i] != ' ')
+    {
+      clientQualifier[j] = clientLine[i];
+      j++;
+      i++;      
+    }
+    clientQualifier[j] = 0;
+    ParseQualifier();
+  }
+  
  if(!clientRequest[0])
    strcpy(clientRequest, "index.htm");
 }

+void Webserver::CheckPassword()
+{
+  if(!StringEndsWith(clientQualifier, password))
+    return;
+    
+  gotPassword = true;
+  strcpy(clientRequest, "index.htm");
+}
+  
+
+void Webserver::ParseQualifier()
+{
+  if(StringStartsWith(clientQualifier, "pwd="))
+    CheckPassword();
+  
+}
+
+

 void Webserver::spin()
 {
+    
  if(writing)
  {
    WriteByte();
@ -115,7 +191,7 @@ void Webserver::spin()
    if (platform->ClientStatus() & AVAILABLE) 
    {
      char c = platform->ClientRead();
-      //Serial.write(c);
+      Serial.write(c);
      // if you've gotten to the end of the line (received a newline
      // character) and the line is blank, the http request has ended,
      // so you can send a reply
@ -130,8 +206,8 @@ void Webserver::spin()
      if (c == '\n') 
      {
        clientLine[clientLinePointer] = 0;
-        CheckClientLine();
-          // you're starting a new line
+        ParseClientLine();
+        // you're starting a new line
        clientLineIsBlank = true;
        clientLinePointer = 0;
      } else if (c != '\r')