Copyright © https://mongoose-os.com

Mongoose OS Forum

frame

Web Server Authentication (Login/Logout)

Hello Folks,
I am new on the Mongoose Web Server technology and I am trying knows a little bit more. My question for everybody in this discussion list is simple. I am trying building a very simple web server with login/logout options. But I don´t know how could I do it with Mongoose (version 6.1). Does anybody know how can I do it? The idea is when I access the server, server request authentication. If authentication is right the server show index.html page.
Thans in advance.

Comments

  • SergeySergey Dublin, Ireland
    The simplest way to implement authentication is to utilize built-in Digest Authentication.
    Just create a ".htpasswd" file (note leading dot) in the root level directory.
    That file is a passwords file. You can add user/passwords to it using mongoose binary, or Apache's htdigest utility.
  • oprataoprata Brazil
    edited February 2016
    I did like you suggest. The authentication interface was showed but  the user and password that I put on .htpasswd file doesn't work. Do you have idea why it don't work?
  • SergeySergey Dublin, Ireland
    How exactly did you add user/password to the passwords file ?
  • I usef htdigest application for ubuntu to generate .htpasswd file. Inside the file the user and password appear like: <user>:<password>
  • SergeySergey Dublin, Ireland
    edited February 2016
    There should be a domain name as well.

    $ htdigest -c /tmp/foo site.com joe
    Adding password for joe in realm site.com.
    New password: 
    Re-type new password: 
    $ cat /tmp/foo 
    joe:site.com:7521bb4fcac297c698a0ffbe1b9a80c3
    
  • I did like you suggest but doesn't work. I generated the .htpasswd file in this way: htdigest -c .htpasswd mydomain.com admin. I put .htpasswd on the same place where I start web server. Do you have any idea about what is happening? I used Ubuntu OS (version: 15.10) and mongoose 6.1 version.
    My .htpasswd file is below and password is admin.
    admin:mydomain.com:e9577134315f974d33c488f0ef93cb6d

  • SergeySergey Dublin, Ireland
    So, just to clarify, you see the password prompt in your browser, but when you enter it, the server shows the prompt again?
  • SergeySergey Dublin, Ireland
    Ok, thank you.
    Could you clarify on the browser you're using. Also, could you try the latest code from the repository?
    I have just verified the latest build by hands (in addition to our unit test), works fine.
  • I got source code from Cesanta web site and the version is "mongoose premium 6.0". The browser is: Mozilla Firefox 41.0.3. And the OS is Ubuntu Linux version 15.10. Could you provide the download link for last version?
  • Does Mongoose Web Server provide other way to authentication users?
  • adminadmin Dublin, Ireland
    1. Please try the latest code. Just download two files, 

      https://raw.githubusercontent.com/cesanta/mongoose/master/mongoose.c
      https://raw.githubusercontent.com/cesanta/mongoose/master/mongoose.h

      Then, re-try your experiment with the passwords file.

    2. The only built-in auth mechanism is passwords file.
         You can implement your own auth with mongoose, most common one is cookie-based auth.

  • Hello Folks,
    Unfortunately, my auth mechanism still doesn't work. Please, could you send me a example that you used and work?
    Thanks in advance.
  • adminadmin Dublin, Ireland
    We'll create an example for that - please expect it in the next week or two!
  • Hello Folks,
    Do you have idea when the example will be available?
    Thanks in advance.
  • SergeySergey Dublin, Ireland
    Here it is:
    https://github.com/cesanta/mongoose/tree/master/examples/cookie_authentication

    Could you elaborate on you use case please - what application you're developing?
  • Is there an updated cookie_authentication? Trying to test it with an app and it will not compile with errors like:

    cookie_auth.c:113:3: error: unknown type name 'cs_sha1_ctx'
    error: implicit declaration of function 'cs_sha1_init' [-Werror=implicit-function-declaration]
    error: passing argument 3 of 'mg_bind' from incompatible pointer type [-Werror=incompatible-pointer-typ
    es] nc = mg_bind(&mgr, s_http_port, ev_handler);
    
  • SergeySergey Dublin, Ireland

    mg_bind(&mgr, s_http_port, ev_handler, NULL);

  • Still the same errors here is the full output:

    cookie_auth.c:113:3: error: unknown type name 'cs_sha1_ctx'
       cs_sha1_ctx ctx;
       ^
    cookie_auth.c:114:3: error: implicit declaration of function 'cs_sha1_init' [-Werror=implicit-function-declaration]
       cs_sha1_init(&ctx);
       ^
    cookie_auth.c:115:3: error: implicit declaration of function 'cs_sha1_update' [-Werror=implicit-function-declaration]
       cs_sha1_update(&ctx, (const unsigned char *) hm->message.p, hm->message.len);
       ^
    cookie_auth.c:118:3: error: implicit declaration of function 'cs_sha1_final' [-Werror=implicit-function-declaration]
       cs_sha1_final(digest, &ctx);
       ^
    cookie_auth.c:119:3: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
       s->id = *((uint64_t *) digest);
       ^
    cookie_auth.c: In function 'main':
    cookie_auth.c:238:35: error: passing argument 3 of 'mg_bind' from incompatible pointer type [-Werror=incompatible-pointer-types]
       nc = mg_bind(&mgr, s_http_port, *ev_handler, NULL);
                                       ^
    In file included from cookie_auth.c:12:0:
    mongoose/src/net.h:328:23: note: expected 'mg_event_handler_t {aka void (*)(struct mg_connection *, int,  void *, void *)}' but argument is of type 'void (*)(struct mg_connection *, int,  void *)'
    cookie_auth.c:242:48: error: passing argument 3 of 'mg_register_http_endpoint' from incompatible pointer type [-Werror=incompatible-pointer-types]
       mg_register_http_endpoint(nc, "/login.html", login_handler);
                                                    ^
    In file included from cookie_auth.c:12:0:
    mongoose/src/http_server.h:399:6: note: expected 'mg_event_handler_t {aka void (*)(struct mg_connection *, int,  void *, void *)}' but argument is of type 'void (*)(struct mg_connection *, int,  void *)'
    cookie_auth.c:242:3: error: too few arguments to function 'mg_register_http_endpoint'
       mg_register_http_endpoint(nc, "/login.html", login_handler);
       ^
    In file included from cookie_auth.c:12:0:
    mongoose/src/http_server.h:399:6: note: declared here
    cookie_auth.c:243:44: error: passing argument 3 of 'mg_register_http_endpoint' from incompatible pointer type [-Werror=incompatible-pointer-types]
       mg_register_http_endpoint(nc, "/logout", logout_handler);
                                                ^
    In file included from cookie_auth.c:12:0:
    mongoose/src/http_server.h:399:6: note: expected 'mg_event_handler_t {aka void (*)(struct mg_connection *, int,  void *, void *)}' but argument is of type 'void (*)(struct mg_connection *, int,  void *)'
    cookie_auth.c:243:3: error: too few arguments to function 'mg_register_http_endpoint'
       mg_register_http_endpoint(nc, "/logout", logout_handler);
       ^
    In file included from cookie_auth.c:12:0:
    
Sign In or Register to comment.