Merge pull request #146 from TheElixZammuto/web-ui-welcome

Show a Welcome Page if credentials are created the first time

sunshine/confighttp.cpp

@@ -73,6 +73,15 @@ void send_unauthorized(resp_https_t response, req_https_t request) {
   response->write(SimpleWeb::StatusCode::client_error_unauthorized, headers);
 }
 
+void send_redirect(resp_https_t response, req_https_t request, const char *path) {
+  auto address = request->remote_endpoint_address();
+  BOOST_LOG(info) << "Web UI: ["sv << address << "] -- not authorized"sv;
+  const SimpleWeb::CaseInsensitiveMultimap headers {
+    { "Location", path }
+  };
+  response->write(SimpleWeb::StatusCode::redirection_temporary_redirect, headers);
+}
+
 bool authenticate(resp_https_t response, req_https_t request) {
   auto address = request->remote_endpoint_address();
   auto ip_type = net::from_address(address);
@@ -83,6 +92,12 @@ bool authenticate(resp_https_t response, req_https_t request) {
     return false;
   }
 
+  //If credentials are shown, redirect the user to a /welcome page
+  if(config::sunshine.username.empty()){
+    send_redirect(response,request,"/welcome");
+    return false;
+  }
+
   auto fg = util::fail_guard([&]() {
     send_unauthorized(response, request);
   });
@@ -185,6 +200,17 @@ void getPasswordPage(resp_https_t response, req_https_t request) {
   response->write(header + content);
 }
 
+void getWelcomePage(resp_https_t response, req_https_t request) {
+  print_req(request);
+  if(!config::sunshine.username.empty()){
+    send_redirect(response,request,"/");
+    return;
+  }
+  std::string header  = read_file(WEB_DIR "header-no-nav.html");
+  std::string content = read_file(WEB_DIR "welcome.html");
+  response->write(header + content);
+}
+
 void getApps(resp_https_t response, req_https_t request) {
   if(!authenticate(response, request)) return;
 
@@ -371,7 +397,7 @@ void saveConfig(resp_https_t response, req_https_t request) {
 }
 
 void savePassword(resp_https_t response, req_https_t request) {
-  if(!authenticate(response, request)) return;
+  if(!config::sunshine.username.empty() && !authenticate(response, request)) return;
 
   print_req(request);
 
@@ -390,27 +416,31 @@ void savePassword(resp_https_t response, req_https_t request) {
   try {
     //TODO: Input Validation
     pt::read_json(ss, inputTree);
-    auto username        = inputTree.get<std::string>("currentUsername");
+    auto username        = inputTree.count("currentUsername") > 0 ? inputTree.get<std::string>("currentUsername") : "";
     auto newUsername     = inputTree.get<std::string>("newUsername");
-    auto password        = inputTree.get<std::string>("currentPassword");
+    auto password        = inputTree.count("currentPassword") > 0 ? inputTree.get<std::string>("currentPassword") : "";
     auto newPassword     = inputTree.get<std::string>("newPassword");
     auto confirmPassword = inputTree.get<std::string>("confirmNewPassword");
     if(newUsername.length() == 0) newUsername = username;
-
-    auto hash = util::hex(crypto::hash(password + config::sunshine.salt)).to_string();
-    if(username == config::sunshine.username && hash == config::sunshine.password) {
-      if(newPassword != confirmPassword) {
-        outputTree.put("status", false);
-        outputTree.put("error", "Password Mismatch");
-      }
-
-      http::save_user_creds(config::sunshine.credentials_file, newUsername, newPassword);
-      http::reload_user_creds(config::sunshine.credentials_file);
-      outputTree.put("status", true);
-    }
-    else {
+    if(newUsername.length() == 0){
       outputTree.put("status", false);
-      outputTree.put("error", "Invalid Current Credentials");
+      outputTree.put("error", "Invalid Username");
+    } else {
+      auto hash = util::hex(crypto::hash(password + config::sunshine.salt)).to_string();
+      if(config::sunshine.username.empty() || (username == config::sunshine.username && hash == config::sunshine.password)) {
+        if(newPassword != confirmPassword) {
+          outputTree.put("status", false);
+          outputTree.put("error", "Password Mismatch");
+        } else {
+          http::save_user_creds(config::sunshine.credentials_file, newUsername, newPassword);
+          http::reload_user_creds(config::sunshine.credentials_file);
+          outputTree.put("status", true);
+        }
+      }
+      else {
+        outputTree.put("status", false);
+        outputTree.put("error", "Invalid Current Credentials");
+      }
     }
   }
   catch(std::exception &e) {
@@ -467,6 +497,7 @@ void start() {
   server.resource["^/clients$"]["GET"]              = getClientsPage;
   server.resource["^/config$"]["GET"]               = getConfigPage;
   server.resource["^/password$"]["GET"]             = getPasswordPage;
+  server.resource["^/welcome$"]["GET"]              = getWelcomePage;
   server.resource["^/api/pin"]["POST"]              = savePin;
   server.resource["^/api/apps$"]["GET"]             = getApps;
   server.resource["^/api/apps$"]["POST"]            = saveApp;

sunshine/httpcommon.cpp

@@ -54,15 +54,11 @@ int init() {
       return -1;
     }
   }
-  if(!user_creds_exist(config::sunshine.credentials_file)) {
-    if(save_user_creds(config::sunshine.credentials_file, "sunshine"s, crypto::rand_alphabet(16), true)) {
-      return -1;
-    }
+  if(user_creds_exist(config::sunshine.credentials_file)) {
+    if(reload_user_creds(config::sunshine.credentials_file)) return -1;
+  } else {
+    BOOST_LOG(info) << "Open the Web UI to set your new username and password and getting started";
   }
-  if(reload_user_creds(config::sunshine.credentials_file)) {
-    return -1;
-  }
-
   return 0;
 }
 
@@ -92,12 +88,6 @@ int save_user_creds(const std::string &file, const std::string &username, const
   }
 
   BOOST_LOG(info) << "New credentials have been created"sv;
-
-  if(run_our_mouth) {
-    BOOST_LOG(info) << "Username: "sv << username;
-    BOOST_LOG(info) << "Password: "sv << password;
-  }
-
   return 0;
 }