I have a custom STM32407 board running LwIP with a HTTPD server. All of my GET processes are working correctly and displaying the pages that need to be shown.
I now want to password protect access to those pages. I have the username and password stored in an EEPROM on the board. I read them out of the EEPROM when the board starts and store them in global variables. I have a username and password page set as my index.html file. I enter the username and password and send it as a POST to the web server. I extract the username and password coming in and compare it to the variable values. If they match, I set a char variable to "good". If they don't match I set the variable to "bad". In debug mode I have confirmed all of this code works.
The question I have is how do I get the variable value back to the browser? If I receive "good" I will open the start page of my application. If I receive "bad" I will just stay on the username/password page. I have played with is for a couple of days with no luck. Wireshark shows the username and password being sent to the server. I see the board acknowledge the transmission.
What do I need to add to my code to get the result of the username/password check back to the browser? I don't really understand how the POST process works in LWiP. I believe the result has to be returned somehow in the httpd_post_receive_data function. Do I need to call a CGI or SSI script at this point in the code?
This is the POST code I am using. I have removed the username/password check code to keep the code listing as short as possible.
err_t httpd_post_begin(void *connection, const char *uri, const char *http_request,
uint16_t http_request_len, int content_len, char *response_uri,
uint16_t response_uri_len, uint8_t *post_auto_wnd)
{
return ERR_OK;
}
err_t httpd_post_receive_data(void *connection, struct pbuf *p)
{
// payload comes in as a string "username=username&password=password"
char *ret, readval[48];
char un[8], pw[24]; // pw is size 24 to allow for several special characters
char delim[2];
uint8_t x = 0, y = 0, pos;
strcpy(delim, "="); // strstr function needs '\0' as terminator
strcpy(readval, p->payload);
ret = strstr(readval, delim);
pos = ret - readval;
pos++; // step past "=" character to username
for(x = pos; x < 17; x++) // 25 is 9(x start) + 8(un size)
{
if(readval[x] == 0x26) // 0x26 is "&" character
break;
un[y] = readval[x];
y++;
}
un[y] = '\0'; // add string terminate character
x++; // step past & character
pos = x + 9; // 9 is length of word "password" plus \0
for(x = (pos-9); x < pos; x++)
{
if(readval[x] == 0x3D) // 0x3D is = character
break;
}
y = 0;
x++; // step past "=" character
pos = x + 24; // 24 is size of pw
for(x = (pos-24); x < pos; x++)
{
if(readval[x] == '\0')
break;
pw[y] = readval[x];
y++;
}
pw[y] = '\0'; // add string terminate character
// username and password have been extracted at this point. Comparison to EEPROM values here.
pbuf_free(p);
return ERR_OK;
}
void httpd_post_finished(void *connection, char *response_uri, u16_t response_uri_len)
{
connection = NULL;
}
Any suggestions or links that give a detailed explanation of the LwIP POST implementation would be appreciated. I already know I will need to use some kind of javascript or ajax code in my username/password html code but hopefully I will be able to figure that out.
Home
Help
Search
Login
Register
