Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Web server simplifications and handers #7429

Merged
merged 29 commits into from
Jan 16, 2024
Merged

Web server simplifications and handers #7429

merged 29 commits into from
Jan 16, 2024

Conversation

dirkx
Copy link
Contributor

@dirkx dirkx commented Nov 4, 2022
edited
Loading

Proposal to simplify the authentication code in de webserver (and potentially also derisk it); and to also allow for richer authentication; such as with multiple usernames and passwords, the use of Time based one-time passwords or typical IoT bearer tokens.

Also adds a number of extra examples - including one that uses an authentication cookie.

Has been tested on ESP-8266 and ESP-32.

@VojtechBartoska VojtechBartoska added the Status: Needs investigation We need to do some research before taking next steps on this issue label Nov 16, 2022
@VojtechBartoska VojtechBartoska added the Status: Awaiting triage Issue is waiting for triage label Dec 14, 2022
@VojtechBartoska VojtechBartoska removed the Status: Awaiting triage Issue is waiting for triage label Dec 14, 2022
@CLAassistant
Copy link

CLAassistant commented May 6, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@VojtechBartoska VojtechBartoska added this to the 3.0.0-RC1 milestone Nov 28, 2023
@Jason2866
Copy link
Collaborator

With the changes a simple Webserver now includes mbedtls software libs. This increases code size a lot. Actually the md5 routine from mbedtls is used which is in all MCUs a routine which is embedded in ROM and does not increase code size.

@dirkx
Copy link
Contributor Author

dirkx commented Dec 11, 2023
edited
Loading

@Jason2866 -- Ok - so your estimate is that by replacing md5 by the rom routines - we can totally remove the need for mbedtls ? Correct ? If so - happy to give that a try.

@Jason2866
Copy link
Collaborator

Yes, see this change #8667

lucasssvaz
lucasssvaz requested changes Dec 20, 2023
View reviewed changes
Copy link
Collaborator

@lucasssvaz lucasssvaz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a very nice improvement but needs some small fixes first, mainly the mbedtls overhead and the crashing when using a bearer. Please also fix the conflicts to update do 3.0.0

libraries/ESP32/examples/MD5Builder/MD5Builder.ino Outdated Show resolved Hide resolved
libraries/WebServer/examples/HttpAuthCallback/HttpAuthCallback.ino Outdated Show resolved Hide resolved
libraries/WebServer/examples/HttpAuthCallbackInline/HttpAuthCallbackInline.ino Outdated Show resolved Hide resolved
libraries/WebServer/examples/HttpAuthOneTimePassword/HttpAuthOneTimePassword.ino Outdated Show resolved Hide resolved
libraries/WebServer/examples/HttpAuthOneTimePasswordNaive/HttpAuthOneTimePasswordNaive.ino Outdated Show resolved Hide resolved
libraries/WebServer/examples/HttpBasicAuthSHA1/HttpBasicAuthSHA1.ino Show resolved Hide resolved
libraries/WebServer/examples/HttpBasicAuthSHA1/HttpBasicAuthSHA1.ino Show resolved Hide resolved
libraries/ESP32/examples/HEXBuilder/HEXBuilder.ino Outdated Show resolved Hide resolved
libraries/ESP32/examples/MD5Builder/MD5Builder.ino Outdated Show resolved Hide resolved
libraries/ESP32/examples/MD5Builder/MD5Builder.ino Outdated Show resolved Hide resolved
@lucasssvaz lucasssvaz added Resolution: Awaiting response Waiting for response of author and removed Status: Needs investigation We need to do some research before taking next steps on this issue labels Dec 20, 2023
@lucasssvaz lucasssvaz added the Area: Libraries Issue is related to Library support. label Jan 8, 2024
@lucasssvaz lucasssvaz force-pushed the WebServerSimplificationsAndHanders branch from 441848f to dcd64e1 Compare January 8, 2024 16:36
@lucasssvaz lucasssvaz force-pushed the WebServerSimplificationsAndHanders branch from 21889f9 to d24668e Compare January 9, 2024 16:35
@lucasssvaz lucasssvaz force-pushed the WebServerSimplificationsAndHanders branch from 98b3d32 to 81663f5 Compare January 11, 2024 21:28
lucasssvaz
lucasssvaz reviewed Jan 16, 2024
View reviewed changes
Copy link
Collaborator

@lucasssvaz lucasssvaz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@SuGlider @P-R-O-C-H-Y PR fixed and ready for review

@lucasssvaz lucasssvaz added Status: Review needed Issue or PR is awaiting review and removed Status: In Progress Issue is in progress labels Jan 16, 2024
@lucasssvaz lucasssvaz added Status: Pending Merge Pull Request is ready to be merged and removed Status: Review needed Issue or PR is awaiting review labels Jan 16, 2024
@lucasssvaz lucasssvaz mentioned this pull request Jan 16, 2024
Merged
@me-no-dev me-no-dev merged commit e581717 into espressif:master Jan 16, 2024
39 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@me-no-dev me-no-dev me-no-dev approved these changes

@lucasssvaz lucasssvaz lucasssvaz approved these changes

@SuGlider SuGlider Awaiting requested review from SuGlider

@P-R-O-C-H-Y P-R-O-C-H-Y Awaiting requested review from P-R-O-C-H-Y

Assignees

@lucasssvaz lucasssvaz

Labels
Area: Libraries Issue is related to Library support. Status: Pending Merge Pull Request is ready to be merged
Projects
Arduino ESP32 Core Project Roadmap
Status: Done
Milestone
3.0.0-RC1
Development

Successfully merging this pull request may close these issues.
7 participants
@dirkx @CLAassistant @Jason2866 @me-no-dev @lucasssvaz @VojtechBartoska @SuGlider