Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Minor Enhancements for the MQTTserver example #478

Closed
dindan100 opened this issue Jul 2, 2018 · 2 comments
Closed

Minor Enhancements for the MQTTserver example #478

dindan100 opened this issue Jul 2, 2018 · 2 comments
Assignees
@crankyoldgit
Labels
enhancement

Comments

@dindan100
Copy link

Hi David,
I have just found and used your MQTTserver example and I am amazed with the quilty and willingness of you to help us all out so THANK you!
As such I thought I will share 2 minor issues I have changed to the example you might consider to add to the example.

  1. Add a note after the #define HOSTNAME "ir_server" // Name of the device you want in mDNS.
    //Changing this value will also change your MQTT path…
    //E.g:
    // ir_server/send or ir_server/sent
    //will be changed to [HOSTNAME]/send and [HOSTNAME]/sent

  2. Adding wifiManager.setSTAStaticIPConfig(IPAddress(x,x,x,xx), IPAddress(x,x,x,x), IPAddress(255,255,255,0));
    after
    wifiManager.setTimeout(300); // Time out after 5 mins.

This will open 3 additional textboxes during the configuration allowing user to use fixed IP, router, mask (I Usually use fixed IP for my home servers)

** I also believe that some sort of username and password should be used before the web page is loaded as we don’t want anyone connected to our network to use this page without authentication even if from DOS point of view however I don’t know I do it, will try thought :)
@crankyoldgit
Copy link
Owner

crankyoldgit commented Jul 2, 2018
edited
Loading

  1. Add a note after the #define HOSTNAME

Yep. Sounds like a good idea. I'll add something like that soon.

  1. Adding wifiManager.setSTAStaticIPConfig();

I'll look into it. I've been thinking of cleaning up and setting system parameters dynamically rather than compiled in.

Re: Password authentication.

Agreed. Ideally yes, there should be something, but this isn't a real "project", it's just an example.
Adding basic http password auth is pretty weak. It complicates the URL based sending for starters, requiring the password in each request. As it isn't over SSL, there is also the whole password in the clear text thing. Sure, there is the whole XSS/XSRF potential issue but if you change the address, that's as good as a different password. If someone is exposing this port directly to the Internet or their network isn't trusted, then they probably shouldn't be using this or they have accepted the risk.

Again, it's an example, not a complete polished project, and most of all, it meets my needs, which is why I wrote it. :-)

crankyoldgit added a commit that referenced this issue Jul 3, 2018
@crankyoldgit
Add static IP config option to IRMQTTServer
bcc0109 
* Allow an easy method for users to use a static (non-dhcp) method for IP setup.
* Clarify some of the implications of changing HOSTNAME.

Fixes #478
@crankyoldgit crankyoldgit self-assigned this Jul 3, 2018
@crankyoldgit crankyoldgit changed the title Minor Enhancements for the MQTTserver Exmaple Minor Enhancements for the MQTTserver example Jul 3, 2018
@crankyoldgit crankyoldgit mentioned this issue Jul 3, 2018
Merged
crankyoldgit added a commit that referenced this issue Jul 3, 2018
@crankyoldgit
Add static IP config option to IRMQTTServer (#480)
1646530 
* Allow an easy method for users to use a static (non-dhcp) method for IP setup.
* Clarify some of the implications of changing HOSTNAME.

Fixes #478
@crankyoldgit
Copy link
Owner

FYI, the changes are now live in the new v2.4.3 release of the library.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@crankyoldgit crankyoldgit

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@crankyoldgit @dindan100