BotoX/esp32-fingerprint-safe
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
BotoX
2023-06-06 19:34:45 +02:00
commit 356d7de2cf
29 changed files with 2629 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

462
app/main.cpp Normal file
View File

@ -0,0 +1,462 @@
#include <SmingCore.h>
#include <Data/WebHelpers/base64.h>
#include <ArduinoJson.h>
#include "utils.h"
#include "main.h"
CMain g_Main;
CMain::CMain() : m_FingerLogic(this)
{
}
static void STAGotIP(IpAddress ip, IpAddress mask, IpAddress gateway)
{
debugf("GOTIP - IP: %s, MASK: %s, GW: %s\n", ip.toString().c_str(), mask.toString().c_str(),
gateway.toString().c_str());
}
static void STADisconnect(const String& ssid, MacAddress bssid, WifiDisconnectReason reason)
{
debugf("DISCONNECT - SSID: %s, REASON: %d", ssid.c_str(), WifiEvents.getDisconnectReasonDesc(reason).c_str());
}
void CMain::Init(HardwareSerial &serial)
{
m_Settings.Load();
//m_Settings.Save();
WifiAccessPoint.enable(false);
if(m_Settings.m_aSSID[0])
{
debugf("Station: %s", m_Settings.m_aSSID);
WifiStation.enable(true);
WifiStation.config(m_Settings.m_aSSID, m_Settings.m_aPSK);
if(m_Settings.m_DHCP && m_Settings.m_aHostname[0])
WifiStation.setHostname(m_Settings.m_aHostname);
if(!m_Settings.m_DHCP && !m_Settings.m_Address.isNull())
WifiStation.setIP(m_Settings.m_Address, m_Settings.m_Netmask, m_Settings.m_Gateway);
WifiStation.connect();
}
else
{
debugf("Access Point 'admin': %s", m_Settings.m_aPassword);
WifiAccessPoint.config("safeweb", m_Settings.m_aPassword, AUTH_WPA2_PSK);
WifiAccessPoint.enable(true);
}
WifiEvents.onStationGotIP(STAGotIP);
WifiEvents.onStationDisconnect(STADisconnect);
m_FTP.listen(21);
m_FTP.addUser(m_Settings.m_aUsername, m_Settings.m_aPassword);
m_HttpServer.listen(80);
m_HttpServer.setBodyParser("application/json", bodyToStringParser);
m_HttpServer.paths.set("/api", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/dashboard", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/fingerprint", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/fingerprint/label", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/fingerprint/delete", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/fingerprint/enroll", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.set("/api/unlock", HttpPathDelegate(&CMain::HttpOnApi, this));
m_HttpServer.paths.setDefault(HttpPathDelegate(&CMain::HttpOnFile, this));
m_FingerPrint.Init(serial, 0xFFFFFFFF, 0x00000000);
m_FingerLogic.Init(&m_FingerPrint);
}
bool CMain::HttpAuthorized(HttpRequest &request, HttpResponse &response)
{
String auth = request.getHeader("Authorization");
if(auth.startsWith("Basic "))
{
int headerLength = auth.length() - 6;
if(headerLength <= 64)
{
auth = base64_decode(auth.c_str() + 6, headerLength);
if(auth)
{
int sep = auth.indexOf(':');
if(sep != -1)
{
String username = auth.substring(0, sep);
String password = auth.substring(sep + 1);
if(username == m_Settings.m_aUsername && password == m_Settings.m_aPassword)
return true;
}
}
}
}
response.code = HTTP_STATUS_UNAUTHORIZED;
response.setHeader("WWW-Authenticate", "Basic realm=\"safeweb\"");
response.setHeader("401 Wrong credentials", "Authentication required");
response.setHeader("Connection", "close");
return false;
}
void CMain::HttpOnApi(HttpRequest &request, HttpResponse &response)
{
if(!HttpAuthorized(request, response))
return;
String path = request.uri.Path;
if(path.length() < 6)
{
response.code = HTTP_STATUS_NOT_FOUND;
return;
}
String endpoint = path.substring(5);
DynamicJsonDocument jsonReq(1024);
deserializeJson(jsonReq, request.getBody());
DynamicJsonDocument jsonResp(1024);
response.setAllowCrossDomainOrigin("*");
response.setHeader("Access-Control-Allow-Headers", "Content-Type");
if(request.method == HTTP_OPTIONS)
{
response.code = HTTP_STATUS_OK;
return;
}
HttpStatus status = HandleApi(request.method, endpoint, jsonReq, jsonResp);
if(status != HTTP_STATUS_OK)
{
response.code = status;
return;
}
String respString;
serializeJson(jsonResp, respString);
response.setContentType(MIME_JSON);
response.sendString(respString);
}
HttpStatus CMain::HandleApi(HttpMethod method, String endpoint, JsonDocument &req, JsonDocument &resp)
{
String test;
serializeJsonPretty(req, test);
debugf("request: %s\n", test.c_str());
if(endpoint == "dashboard")
{
if(method != HTTP_GET) return HTTP_STATUS_METHOD_NOT_ALLOWED;
JsonObject lock = resp.createNestedObject("lock");
lock["locked"] = true;
JsonObject door = resp.createNestedObject("door");
door["closed"] = true;
JsonObject battery = resp.createNestedObject("battery");
debugf("adc: %d\n", system_adc_read());
battery["voltage"] = (system_adc_read() / 1024.f) / 0.23;
battery["color"] = "success";
if(battery["voltage"] < 3.6f)
battery["color"] = "warning";
JsonObject network = resp.createNestedObject("network");
if(WifiStation.isEnabled())
{
network["type"] = "Station";
network["ssid"] = WifiStation.getSSID();
network["channel"] = WifiStation.getChannel();
network["dhcp"] = WifiStation.isEnabledDHCP();
network["rssi"] = WifiStation.getRssi();
network["signal"] = Rssi2Quality(WifiStation.getRssi());
network["address"] = WifiStation.getIP().toString();
}
else
{
network["type"] = "Access Point";
network["ssid"] = WifiAccessPoint.getSSID();
network["channel"] = WifiStation.getChannel();
network["dhcp"] = true;
network["address"] = WifiAccessPoint.getIP().toString();
}
}
else if(endpoint == "unlock")
{
if(method != HTTP_POST) return HTTP_STATUS_METHOD_NOT_ALLOWED;
LockUnlock();
resp["success"] = "true";
}
else if(endpoint == "fingerprint")
{
if(method != HTTP_GET) return HTTP_STATUS_METHOD_NOT_ALLOWED;
JsonArray fingerprints = resp.createNestedArray("fingerprints");
uint16_t tmp = Settings().m_FingerPrints.count();
for(uint16_t i = 0; i < tmp; i++)
{
JsonObject obj = fingerprints.createNestedObject();
const CSettings::CFingerPrint &finger = Settings().m_FingerPrints.valueAt(i);
obj["num"] = finger.m_FingerNum;
obj["label"] = String(finger.m_aLabel);
char aHexDigest[SHA256_SIZE*2+1];
bytes2hex(finger.m_aDigest, sizeof(finger.m_aDigest), aHexDigest, sizeof(aHexDigest));
obj["digest"] = String(aHexDigest);
}
}
else if(endpoint == "fingerprint/label")
{
if(method != HTTP_POST) return HTTP_STATUS_METHOD_NOT_ALLOWED;
if(!req.containsKey("index") || !req.containsKey("label"))
return HTTP_STATUS_BAD_REQUEST;
int index = req["index"].as<int>() - 1;
String label = req["label"];
if(index < 0 || index >= Settings().m_FingerPrints.count())
return HTTP_STATUS_BAD_REQUEST;
CSettings::CFingerPrint &finger = Settings().m_FingerPrints.valueAt(index);
strncpy(finger.m_aLabel, label.c_str(), sizeof(finger.m_aLabel));
Settings().Save();
resp["success"] = true;
}
else if(endpoint == "fingerprint/delete")
{
if(method != HTTP_POST) return HTTP_STATUS_METHOD_NOT_ALLOWED;
if(!req.containsKey("index"))
return HTTP_STATUS_BAD_REQUEST;
int index = req["index"].as<int>() - 1;
if(index < 0 || index >= Settings().m_FingerPrints.count())
return HTTP_STATUS_BAD_REQUEST;
const CSettings::CFingerPrint &finger = Settings().m_FingerPrints.valueAt(index);
FingerPrint().DeleteTemplate(finger.m_FingerNum, 1);
Settings().m_FingerPrints.removeAt(index);
Settings().Save();
resp["success"] = true;
}
else if(endpoint == "fingerprint/enroll")
{
if(method != HTTP_POST) return HTTP_STATUS_METHOD_NOT_ALLOWED;
if(req.containsKey("cancel"))
{
if(req["cancel"].as<bool>() && m_Enrolling)
{
resp["success"] = FingerLogic().EnrollFinger(false);
m_Enrolling = false;
m_Enrolled = false;
}
}
else
{
if(!req.containsKey("enrolling"))
return HTTP_STATUS_BAD_REQUEST;
bool enrolling = req["enrolling"];
if(enrolling && !m_Enrolling)
{
if(m_Enrolled)
{
resp["done"] = true;
resp["message"] = m_EnrollMessage;
m_Enrolled = false;
}
else
{
resp["error"] = m_EnrollMessage;
}
}
else if(enrolling && m_Enrolling)
{
resp["done"] = false;
resp["message"] = m_EnrollMessage;
}
else // if(!enrolling)
{
if(!req.containsKey("label"))
return HTTP_STATUS_BAD_REQUEST;
if(!m_Enrolling)
{
FingerLogic().EnrollFinger();
m_Enrolling = true;
m_Enrolled = false;
m_EnrollLabel = String(req["label"].as<const char *>());
resp["done"] = false;
m_EnrollMessage = "Started enroll process. Please place your finger on the sensor.";
resp["message"] = m_EnrollMessage;
}
else
{
resp["done"] = true;
m_Enrolled = false;
resp["message"] = m_EnrollMessage;
}
}
}
}
else
{
return HTTP_STATUS_NOT_FOUND;
}
return HTTP_STATUS_OK;
}
void CMain::HttpOnFile(HttpRequest &request, HttpResponse &response)
{
if(!HttpAuthorized(request, response))
return;
String file = request.uri.Path;
if(file == "/")
file = "index.html";
if(file[0] == '/')
file = file.substring(1);
if(file[0] == '.')
{
response.code = HTTP_STATUS_FORBIDDEN;
return;
}
response.setCache(86400, true); // It's important to use cache for better performance.
response.sendFile(file);
}
void CMain::OnFingerInterrupt(bool finger)
{
m_FingerLogic.OnFingerInterrupt(finger);
}
void CMain::FingerEnable(bool enable)
{
const int pin = FINGER_ENABLE_PIN;
digitalWrite(pin, !enable);
}
void CMain::LockSendBytes(uint8_t *pBytes, uint8_t len)
{
const int pin = SAFELOCK_DATA_PIN;
// Init
digitalWrite(pin, 0);
delayMicroseconds(10 * 1000);
digitalWrite(pin, 1);
delayMicroseconds(10 * 1000);
// Send data, calculate checksum and send checksum
uint8_t chk = 0x00;
for(uint8_t i = 0; i <= len; i++)
{
uint8_t byte;
if(i == len)
{
byte = chk;
}
else
{
byte = pBytes[i];
chk ^= byte;
}
for(int8_t j = 0; j < 8; j++)
{
digitalWrite(pin, 0);
delayMicroseconds(100);
digitalWrite(pin, 1);
uint8_t val = byte & (1 << j);
if(val)
delayMicroseconds(300);
else
delayMicroseconds(100);
}
digitalWrite(pin, 0);
delayMicroseconds(100);
digitalWrite(pin, 1);
delayMicroseconds(8);
}
}
void CMain::LockSendCode(uint8_t pass[8])
{
uint8_t packet[9] = {0x51};
memcpy(&packet[1], pass, 8);
LockSendBytes(packet, sizeof(packet));
}
void CMain::LockUnlock()
{
LockSendCode(Settings().m_aLockCode);
}
void CMain::EnrollMessage(const char *msg, bool error)
{
m_EnrollMessage = msg;
if(error)
m_Enrolling = false;
}
void CMain::OnFingerVerified(uint16_t fingerNum, uint8_t digest[SHA256_SIZE])
{
int fingerIndex = Settings().m_FingerPrints.indexOf(fingerNum);
if(fingerIndex == -1)
{
debugf("OnFingerVerified: fingerIndex == -1");
return;
}
const CSettings::CFingerPrint &finger = Settings().m_FingerPrints.valueAt(fingerIndex);
if(memcmp(digest, finger.m_aDigest, SHA256_SIZE) != 0)
{
debugf("OnFingerVerified: SHA256 mismatch");
return;
}
LockUnlock();
debugf("OnFingerVerified: OK!!!");
}
void CMain::OnFingerEnrolled(uint16_t fingerNum, uint8_t digest[SHA256_SIZE])
{
CSettings::CFingerPrint finger;
finger.m_FingerNum = fingerNum;
strncpy(finger.m_aLabel, m_EnrollLabel.c_str(), sizeof(finger.m_aLabel));
memcpy(finger.m_aDigest, digest, SHA256_SIZE);
char aHexDigest[SHA256_SIZE*2+1];
bytes2hex(finger.m_aDigest, sizeof(finger.m_aDigest), aHexDigest, sizeof(aHexDigest));
debugf("OnFingerEnrolled: \"%s\"", aHexDigest);
Serial1.printf("(sz: %d) Finger hexdigest: ", sizeof(finger.m_aDigest));
for(uint8_t i = 0; i < sizeof(finger.m_aDigest); i++)
Serial1.printf("%x", finger.m_aDigest[i]);
Serial1.printf("\n");
Settings().m_FingerPrints[fingerNum] = finger;
Settings().Save();
m_Enrolled = true;
m_Enrolling = false;
m_EnrolledFinger = finger;
char aBuf[512];
m_snprintf(aBuf, sizeof(aBuf), "Successfully enrolled new finger \"%s\".", finger.m_aLabel);
EnrollMessage(aBuf);
debugf("OnFingerEnrolled: OK!!!");
}