UPDATE:Yesterday I managed to get HTTP AUTH to work. Here is my code:
Code: Select allwifi.setmode(wifi.SOFTAP)
wifi.ap.config({ssid="TEST_AP",pwd="Test12345678"})
print(wifi.sta.getip())
led1 = 4
gpio.mode(led1, gpio.OUTPUT)
srv=net.createServer(net.TCP)
srv:listen(80,function(conn)
conn:on("receive", function(client,request)
local buf = "";
local _, _, method, path, vars = string.find(request, "([A-Z]+) (.+)?(.+) HTTP");
if(method == nil)then
_, _, method, path = string.find(request, "([A-Z]+) (.+) HTTP");
end
local _, _, auth = string.find(request, "%cAuthorization: Basic ([%w=\+\/]+)");--Authorization:
if (auth == nil or auth ~= "dXNlcjoxMjM0")then --user:1234
client:send("HTTP/1.0 401 Authorization Required\r\nWWW-Authenticate: Basic realm=\"ESP8266 Web Server\"\r\n\r\n<h1>Unauthorized Access</h1>");
client:close();
return;
end
local _GET = {}
if (vars ~= nil)then
for k, v in string.gmatch(vars, "(%w+)=(%w+)&*") do
_GET[k] = v
end
end
buf=buf.."<html><body>"
buf = buf.."<h1> Control Web Server</h1>";
buf=buf.."<p> Please Enter Your Password </p>"
buf=buf.."<form method='get' action='/'>"
buf=buf.."<p>Password: <input type=password name=pass </p> "
buf = buf.."<p><button type=submit>Submit</button></p>";
buf = buf.."</form></body></html>"
local _on,_off = "",""
if(_GET.pass == "test")then
gpio.write(led1, gpio.HIGH);
tmr.delay(2000);
gpio.write(led1, gpio.LOW);
end
client:send(buf);
client:close();
collectgarbage();
end)
end)
My code has 3 levels of authentication. These are the network itself, HTTP auth and a password sent through HTTP post. I am pretty happy with my code so far however there is one small problem. The password sent through HTTP Post is sent in plain text. Would it be possible to encrypt the password on the client side via html code and then decrypt it on the server side?
Could MD5 or SHA1 be used for this?
If so how could I implement this kind of encryption ?