ESP8266 Community Forum

Posted: **Wed Feb 27, 2019 1:17 pm**

Hello, I have a question, in a small server with 2 pages, the first being the login one.
How can a client be authenticated and when he disconnects he has to re-enter the password.

And if you put the route in the browser on page 2 do not access it if you have not gone through the access page.

Actually the login works correctly for me, but if I put the full path of page 2, it also serves me without any password.

For example:

Code: Select all

webServer.on ("/ loginconfig.php", [] ()
{
if (webServer.args ()> 0 && webServer.arg (0) == "password")
{
webServer.send (200, "text / html", PASSOK);
}
else
{
webServer.send (200, "text / html", ERRORPASS);
}

I have searched but I do not see anything clear or simple to implement.

Greetings and thank you

Posted: **Wed Feb 27, 2019 8:31 pm**

I searched for authentication cookies and ESP8266. I found this https://www.youtube.com/watch?v=pPXTYRf6nWo

Posted: **Thu Feb 28, 2019 4:39 am**

Thank you, for your help that I already saw, I'm looking for something easier.

Posted: **Thu Feb 28, 2019 9:02 am**

I am not that familiar with web security, but if I were to try something simple I would try this. Get the connection MAC address of the client on each request. After authentication provide the content. If the client is not authorized then supply a different content for whatever page it connects to. Or a redirect to the login screen.

A timer can also be used to keep track of the continued access. If the client does not access the server in a set time, then require them to log in again. (optional)

ESP8266 Community Forum

Simple form of authenticated client in web server?

Simple form of authenticated client in web server?

Re: Simple form of authenticated client in web server?

Re: Simple form of authenticated client in web server?

Re: Simple form of authenticated client in web server?