Merge pull request #1112 from me-no-dev/www-basic-auth

Add HTTP Basic Auth to WebServer and libb64 (base64) to core

libraries/ESP8266WebServer/examples/HttpBasicAuth/HttpBasicAuth.ino

@@ -0,0 +1,40 @@
+#include <ESP8266WiFi.h>
+#include <ESP8266mDNS.h>
+#include <ArduinoOTA.h>
+#include <ESP8266WebServer.h>
+
+const char* ssid = "........";
+const char* password = "........";
+
+ESP8266WebServer server(80);
+
+const char* www_username = "admin";
+const char* www_password = "esp8266";
+
+void setup() {
+  Serial.begin(115200);
+  WiFi.mode(WIFI_STA);
+  WiFi.begin(ssid, password);
+  if(WiFi.waitForConnectResult() != WL_CONNECTED) {
+    Serial.println("WiFi Connect Failed! Rebooting...");
+    delay(1000);
+    ESP.restart();
+  }
+  ArduinoOTA.begin();
+
+  server.on("/", [](){
+    if(!server.authenticate(www_username, www_password))
+      return server.requestAuthentication();
+    server.send(200, "text/plain", "Login OK");
+  });
+  server.begin();
+
+  Serial.print("Open http://");
+  Serial.print(WiFi.localIP());
+  Serial.println("/ in your browser to see it working");
+}
+
+void loop() {
+  ArduinoOTA.handle();
+  server.handleClient();
+}

libraries/ESP8266WebServer/src/ESP8266WebServer.cpp

@@ -22,6 +22,7 @@
 
 
 #include <Arduino.h>
+#include <libb64/cencode.h>
 #include "WiFiServer.h"
 #include "WiFiClient.h"
 #include "ESP8266WebServer.h"
@@ -30,6 +31,7 @@
 // #define DEBUG
 #define DEBUG_OUTPUT Serial
 
+const char * AUTHORIZATION_HEADER = "Authorization";
 
 ESP8266WebServer::ESP8266WebServer(IPAddress addr, int port)
 : _server(addr, port)
@@ -73,6 +75,38 @@ ESP8266WebServer::~ESP8266WebServer() {
 
 void ESP8266WebServer::begin() {
   _server.begin();
+  if(!_headerKeysCount)
+    collectHeaders(0, 0);
+}
+
+bool ESP8266WebServer::authenticate(const char * username, const char * password){
+  if(hasHeader(AUTHORIZATION_HEADER)){
+    String authReq = header(AUTHORIZATION_HEADER);
+    if(authReq.startsWith("Basic")){
+      authReq = authReq.substring(6);
+      authReq.trim();
+      char toencodeLen = strlen(username)+strlen(password)+1;
+      char *toencode = new char[toencodeLen];
+      if(toencode == NULL)
+        return false;
+      char *encoded = new char[base64_encode_expected_len(toencodeLen)+1];
+      if(encoded == NULL)
+        return false;
+
+      sprintf(toencode, "%s:%s", username, password);
+      if(base64_encode_chars(toencode, toencodeLen, encoded) > 0 && authReq.equals(encoded)){
+        authReq = String();
+        return true;
+      }
+    }
+    authReq = String();
+  }
+  return false;
+}
+
+void ESP8266WebServer::requestAuthentication(){
+  sendHeader("WWW-Authenticate", "Basic realm=\"Login Required\"");
+  send(401);
 }
 
 void ESP8266WebServer::on(const char* uri, ESP8266WebServer::THandlerFunction handler) {
@@ -316,12 +350,13 @@ String ESP8266WebServer::header(const char* name) {
 }
 
 void ESP8266WebServer::collectHeaders(const char* headerKeys[], const size_t headerKeysCount) {
-  _headerKeysCount = headerKeysCount;
+  _headerKeysCount = headerKeysCount + 1;
   if (_currentHeaders)
      delete[]_currentHeaders;
   _currentHeaders = new RequestArgument[_headerKeysCount];
-  for (int i = 0; i < _headerKeysCount; i++){
-    _currentHeaders[i].key = headerKeys[i];
+  _currentHeaders[0].key = AUTHORIZATION_HEADER;
+  for (int i = 1; i < _headerKeysCount; i++){
+    _currentHeaders[i].key = headerKeys[i-1];
   }
 }
 

libraries/ESP8266WebServer/src/ESP8266WebServer.h

@@ -65,7 +65,10 @@ public:
 
   void begin();
   void handleClient();
-
+  
+  bool authenticate(const char * username, const char * password);
+  void requestAuthentication();
+  
   typedef std::function<void(void)> THandlerFunction;
   void on(const char* uri, THandlerFunction handler);
   void on(const char* uri, HTTPMethod method, THandlerFunction fn);