Merge pull request #8 from femto-code/require-auth

Authorization

Author: femto-code

CHANGELOG.md

@@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 Open for your feature [requests](https://github.com/femto-code/Rasberry-Pi-Dashboard/pulls) or [issues](https://github.com/femto-code/Rasberry-Pi-Dashboard/issues)!
 [https://github.com/femto-code/Rasberry-Pi-Dashboard](https://github.com/femto-code/Rasberry-Pi-Dashboard)
 
+## [0.4] - 2020-08-XX
+- new authorization/login modal to secure dashboard
+
 ## [0.3] - 2020-07-10
 - new loading screen
 - small design adjustments

README.md

@@ -8,6 +8,7 @@
 ## Features
 
 - Live surveillance of RPi hardware (CPU Temperature, frequency, loads etc.)
+- Protected access with password login (default: root) ([configure password](https://github.com/femto-code/Rasberry-Pi-Dashboard#configure-password))
 - State Mail to send an email containing a summary
 - Power (shutdown/reboot) Raspberry Pi with schedule options ([setup instructions](https://github.com/femto-code/Rasberry-Pi-Dashboard#setup-project))
 - Web-App capable with mobile integration thanks to responsive design
@@ -36,6 +37,13 @@
 - Open web browser with URL: `http://IP_OF_YOUR_RPI/Raspberry-Pi-Dashboard`
 - [OPTIONAL] rename the folder to shorten the address input: `mv /var/www/html/Raspberry-Pi-Dashboard /var/www/html/{subfolder_name}` (Note: replace {subfolder_name} with your wish to enter the web page)
 
+### Configure password
+
+>You should change the default password (which is **root**) and a choose a more secure one by following these steps:
+1. Go to [https://www.md5-generator.de/](https://www.md5-generator.de/) and generate the MD5 encyrpted passphrase.
+2. Open `serv.php` on line 7 and adjust the passphrase with the generated one from step 1.
+3. Remember password and enjoy!
+
 ### Enabling remote shutdown/reboot (OPTIONAL)
 > Recommended only, if your RPi is not accessible over the Internet!
 In order to use the remote power functionality you have to give the user `www-data` advanced rights:

backend/serv.php

@@ -1,6 +1,27 @@
 <?php
+session_start();
 error_reporting (E_ALL);
 ini_set ('display_errors', 'On');
+
+// Change password here as MD5 encryption
+$correctPassword = "63a9f0ea7bb98050796b649e85481845";
+
+if(isset($_GET["logout"])){
+  session_destroy();
+  exit();
+}
+if(isset($_POST["login"])){
+  if(isset($_POST["pw"])){
+    $pw=md5($_POST["pw"]);
+    if($pw==$correctPassword){
+      echo "correctCredentials";
+      $_SESSION["rpidbauth"]="1";
+    }else{
+      echo "wrongCredentials";
+    }
+  }
+  exit();
+}
 if(isset($_GET["checkShutdown"])){
   system("date --date @$(head -1 /run/systemd/shutdown/scheduled |cut -c6-15)");
   exit;

backend/sys_infos.php

@@ -1,6 +1,13 @@
 <?php
 error_reporting(E_ALL);
 ini_set ('display_errors', 'On');
+// Authorization
+session_start();
+if(!isset($_SESSION["rpidbauth"])){
+  $output = array('auth' => 'false');
+	echo json_encode($output);
+  exit();
+}
 // Uptime
 $uptime = shell_exec("cat /proc/uptime");
 $uptime = explode(" ", $uptime);
@@ -127,7 +134,7 @@
 	echo $ausgabe;
 
 }else{
-	$output = array('timest' => $timed, 'uptime' => $uptime_string, 'cputemp' => $cputemp, 'cpufreq' => $cpufreq, 'load' => $getLoad, 'memperc' => $memperc, 'memavail' => $mavail, 'memunavail' => $munavail, 'swapperc' => $swapperc, 'swaptotal' => $swaptotal, 'swapused' => $swapused);
+	$output = array('auth' => 'true', 'timest' => $timed, 'uptime' => $uptime_string, 'cputemp' => $cputemp, 'cpufreq' => $cpufreq, 'load' => $getLoad, 'memperc' => $memperc, 'memavail' => $mavail, 'memunavail' => $munavail, 'swapperc' => $swapperc, 'swaptotal' => $swaptotal, 'swapused' => $swapused);
 	echo json_encode($output);
 }
 

custom/custom.js

@@ -20,4 +20,4 @@ warn_loads_size = 2;
 
 //***************************
 // DO NOT CHANGE
-console.log("Übernehme Userdaten: warncputemp="+warn_cpu_temp+" | warn_ram_space="+warn_ram_space+" | upd_time_interval="+upd_time_interval+" | warn_loads_size="+warn_loads_size);
+console.log("Custom user options: warncputemp="+warn_cpu_temp+" | warn_ram_space="+warn_ram_space+" | upd_time_interval="+upd_time_interval+" | warn_loads_size="+warn_loads_size);