diff --git a/wled00/const.h b/wled00/const.h index cade2a0dc..db14e9721 100644 --- a/wled00/const.h +++ b/wled00/const.h @@ -320,7 +320,8 @@ // WLED Error modes #define ERR_NONE 0 // All good :) -#define ERR_EEP_COMMIT 2 // Could not commit to EEPROM (wrong flash layout?) +#define ERR_DENIED 1 // Permission denied +#define ERR_EEP_COMMIT 2 // Could not commit to EEPROM (wrong flash layout?) OBSOLETE #define ERR_NOBUF 3 // JSON buffer was not released in time, request cannot be handled at this time #define ERR_JSON 9 // JSON parsing failed (input too large?) #define ERR_FS_BEGIN 10 // Could not init filesystem (no partition?) diff --git a/wled00/wled_server.cpp b/wled00/wled_server.cpp index 8fbfb7fc0..d3d3eb229 100644 --- a/wled00/wled_server.cpp +++ b/wled00/wled_server.cpp @@ -195,7 +195,7 @@ void initServer() JsonObject root = doc.as(); if (error || root.isNull()) { releaseJSONBufferLock(); - request->send(400, "application/json", F("{\"error\":9}")); + request->send(400, "application/json", F("{\"error\":9}")); // ERR_JSON return; } const String& url = request->url(); @@ -210,6 +210,11 @@ void initServer() */ verboseResponse = deserializeState(root); } else { + if (!correctPIN && strlen(settingsPIN)>0) { + request->send(403, "application/json", F("{\"error\":1}")); // ERR_DENIED + releaseJSONBufferLock(); + return; + } verboseResponse = deserializeConfig(root); //use verboseResponse to determine whether cfg change should be saved immediately } releaseJSONBufferLock(); diff --git a/wled00/ws.cpp b/wled00/ws.cpp index 9ec06c236..b221586b0 100644 --- a/wled00/ws.cpp +++ b/wled00/ws.cpp @@ -78,7 +78,7 @@ void wsEvent(AsyncWebSocket * server, AsyncWebSocketClient * client, AwsEventTyp if((info->index + len) == info->len){ if(info->final){ if(info->message_opcode == WS_TEXT) { - client->text(F("{\"error\":9}")); //we do not handle split packets right now + client->text(F("{\"error\":9}")); // ERR_JSON we do not handle split packets right now } } }