OpenDTU icon indicating copy to clipboard operation
OpenDTU copied to clipboard

Published 20 hours ago verified publisher icon tbnobody

NavGuard

Open florian-senn opened this issue 1 year ago • 3 comments

Unauthorized users only can visit MainPage and Login

florian-senn avatar Apr 09 '23 15:04 florian-senn

But I want non-authorized users to visit the info views. If you don't want this, just deactivate this setting: image

On the other hand, the backend is still readable with your PR. Just the frontend prevents the route access.

tbnobody avatar Apr 09 '23 17:04 tbnobody

Unter der Route "/" ist ja die Live-Ansicht, diese ist dadurch noch zugänglich. Aber ja, es schützt nur das Frontend.

florian-senn avatar Apr 09 '23 19:04 florian-senn

Hey, I mean, thats always something that should be taken care of. I recommend to use Cloudflare Access or any other kind of reverse proxy for remote access, so the ESP will not host anything in the web. For accessing the ESP in a dedicated VLAN i could allow or block certain protocols and ports.

3DJupp avatar Feb 26 '24 09:02 3DJupp

@florian-senn we introduced the AuthenticationManager with ESPAsyncWebServer in #2320. Is this PR still needed or would you prefer to implement your changes based on the current master / trunk ?

stefan123t avatar Sep 30 '24 21:09 stefan123t