MicroTelnetServer icon indicating copy to clipboard operation
MicroTelnetServer copied to clipboard

Published 20 hours ago verified publisher icon cpopp

add authentication password check

Open gitcnd opened this issue 2 years ago • 3 comments

adds the code to meter access to only those with the password. the password is hard-coded in here, and is this: pass

gitcnd avatar Nov 13 '23 23:11 gitcnd

I think better to define a constant with expected password somewhere on top to easely change it. Also will be good to strictly compare equality istead of startWith.

captsmile avatar Jan 05 '24 22:01 captsmile

input contains line-end, so "equality" isn't precisely what you mean, but yes.

this code works as-is, and is an infinite improvement over the status-quo (no authentication at all), so I would suggest that no addition features or changes be considered here, until after this PR has been accepted, mostly for the following reason:

we don't know if any work we do will even get accepted, so doing more work for nothing is a waste of everyone's time. we need some sort of confirmation that this project is not stale before doing more work on it.

gitcnd avatar Jan 05 '24 23:01 gitcnd

And, of course, some kind of strong PKBDF needs to go in place of the "startsWith" function - no plaintext passwords (not even hashed ones) should ever be put in firmware! That's a major addition to this project, and again, not worth wasting time on if this project is dormant.

gitcnd avatar Jan 06 '24 00:01 gitcnd