|
|
@@ -45,6 +45,7 @@ static void HTTP_SetUserCookie(char *str, uint8_t user_id);
|
|
|
static void HTTP_UpdateUserLoginTime(uint8_t user_id);
|
|
|
static void HTTP_ForceUserLogout(uint8_t user_id);
|
|
|
void LogoutTimerCallback(TimerHandle_t pxTimer);
|
|
|
+void LoginTimerCallback(TimerHandle_t pxTimer);
|
|
|
int HTTP_ChangeUserPwd(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *lenBufOut);
|
|
|
|
|
|
SET_PAGE_t SET_PAGE = SET_PAGE_IDLE;
|
|
|
@@ -71,17 +72,19 @@ uint32_t log_post_reqn;
|
|
|
/* Max user active sessions count */
|
|
|
#define WEB_USER_MAX_SESSION_COUNT 5
|
|
|
|
|
|
-typedef struct {
|
|
|
- char cookie[MAX_WEB_COOKIE_LEN];
|
|
|
- TimerHandle_t LogoutTimer;
|
|
|
-} auth_session_t;
|
|
|
-
|
|
|
struct {
|
|
|
//auth_session_t session[WEB_USER_MAX_SESSION_COUNT];
|
|
|
char cookie[MAX_WEB_COOKIE_LEN];
|
|
|
TimerHandle_t LogoutTimer;
|
|
|
} users[MAX_WEB_USERS];
|
|
|
|
|
|
+TimerHandle_t RepeatLoginTimer;
|
|
|
+
|
|
|
+/* Repeat Login timeout, 1 minutes */
|
|
|
+#define REPEAT_LOGIN_TIME configTICK_RATE_HZ*60*1
|
|
|
+
|
|
|
+uint8_t cnt_err_psw = 0;
|
|
|
+
|
|
|
bool Authenticated = false;
|
|
|
|
|
|
/* Level of currently logged-in user */
|
|
|
@@ -1713,7 +1716,11 @@ void HTTP_ConfirmBootPwd(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t
|
|
|
}
|
|
|
}
|
|
|
|
|
|
-
|
|
|
+void LoginTimerCallback(TimerHandle_t pxTimer) {
|
|
|
+ cnt_err_psw = 0;
|
|
|
+ DBG printf("cnt_err_psw %d", cnt_err_psw);
|
|
|
+ xTimerStop(RepeatLoginTimer, 0);
|
|
|
+}
|
|
|
|
|
|
/**
|
|
|
* @brief Проверка пароля для входа в Web
|
|
|
@@ -1784,7 +1791,13 @@ int HTTP_ConfirmWebPwd(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *l
|
|
|
/* Login and pass are valid */
|
|
|
|
|
|
/* TODO replace global flag with user-pass-cookie */
|
|
|
- Authenticated = true;
|
|
|
+ if(cnt_err_psw < 4){
|
|
|
+ cnt_err_psw = 0;
|
|
|
+ Authenticated = true;
|
|
|
+ }
|
|
|
+ else{
|
|
|
+ Authenticated = false;
|
|
|
+ }
|
|
|
break;
|
|
|
}
|
|
|
else{
|
|
|
@@ -1843,11 +1856,24 @@ int HTTP_ConfirmWebPwd(char *bufIn, char *bufOut, uint16_t lenBufIn, uint16_t *l
|
|
|
return SEND_REQUIRED_YES;
|
|
|
}
|
|
|
else{
|
|
|
+ if(cnt_err_psw <= 4)
|
|
|
+ cnt_err_psw ++;
|
|
|
+ DBG printf("cnt_err_psw %d", cnt_err_psw);
|
|
|
+ if(cnt_err_psw == 4)
|
|
|
+ xTimerStart(RepeatLoginTimer, 0);
|
|
|
strcpy(bufOut, "HTTP/1.0 200 OK\r\nContent-Type: text/html;\r\n\r\n");
|
|
|
- if((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false))
|
|
|
- strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/rslogin.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
|
|
|
- else
|
|
|
- strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
|
|
|
+ if((sSettings.sRADIUS.RDSEnable == true) && (fl_raddius_net_err == false)){
|
|
|
+ if(cnt_err_psw < 4)
|
|
|
+ strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/rslogin.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
|
|
|
+ else
|
|
|
+ strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/rslogin.html\" /></head><center><h2>Вход заблокирован!</h2></center></head><center><h2>Повторите попытку через 15 минут</h2></center></html>");
|
|
|
+ }
|
|
|
+ else{
|
|
|
+ if(cnt_err_psw < 4)
|
|
|
+ strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Не правильный логин или пароль</h2></center></html>");
|
|
|
+ else
|
|
|
+ strcat(bufOut,"<!DOCTYPE html><html><head><meta charset=\"utf-8\"><meta http-equiv=\"refresh\" content=\"3; url=/login.html\" /></head><center><h2>Вход заблокирован!</h2></center></head><center><h2>Повторите попытку через 15 минут</h2></center></html>");
|
|
|
+ }
|
|
|
*lenBufOut = strlen(bufOut);
|
|
|
return SEND_REQUIRED_NO;
|
|
|
}
|
|
|
@@ -2808,9 +2834,9 @@ void ssl_server(void *pvParameters)
|
|
|
// check if last data packet
|
|
|
if (TotalData == size)
|
|
|
{
|
|
|
- printf("State: Received %d bytes\r\n", (int)TotalData);
|
|
|
+ DBG printf("State: Received %d bytes\r\n", (int)TotalData);
|
|
|
|
|
|
- printf("receive %s /r/n", sendBuf);
|
|
|
+ DBG printf("receive %s /r/n", sendBuf);
|
|
|
strncat(sendBuf, " ", 1);
|
|
|
HTTP_SetSettings(sendBuf, strlen(sendBuf));
|
|
|
|
|
|
@@ -3326,4 +3352,5 @@ void HTTPS_Init()
|
|
|
users[user_id].LogoutTimer =
|
|
|
xTimerCreate("LogoutTmr", WEB_LOGOUT_TIME, pdFALSE, ( void * ) user_id, LogoutTimerCallback);
|
|
|
}
|
|
|
+ RepeatLoginTimer = xTimerCreate("LoginTmr", REPEAT_LOGIN_TIME, pdFALSE, ( void * ) 0, LoginTimerCallback);
|
|
|
}
|
balbekova