Drop WebUI default credentials

PR #19777.
2025-12-29 11:48:05 -06:00 · 2023-11-10 07:18:42 +03:00
parent 28b5d7230c
commit 0f40fad74d
21 changed files with 372 additions and 253 deletions
--- a/src/webui/webui.cpp
+++ b/src/webui/webui.cpp
@@ -1,6 +1,6 @@
 /*
 * Bittorrent Client using Qt and libtorrent.
- * Copyright (C) 2015  Vladimir Golovnev <glassez@yandex.ru>
+ * Copyright (C) 2015, 2023  Vladimir Golovnev <glassez@yandex.ru>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
@@ -28,6 +28,7 @@

 #include "webui.h"

+#include "base/global.h"
 #include "base/http/server.h"
 #include "base/logger.h"
 #include "base/net/dnsupdater.h"
@@ -36,10 +37,12 @@
 #include "base/preferences.h"
 #include "base/utils/io.h"
 #include "base/utils/net.h"
+#include "base/utils/password.h"
 #include "webapplication.h"

-WebUI::WebUI(IApplication *app)
+WebUI::WebUI(IApplication *app, const QByteArray &tempPasswordHash)
    : ApplicationComponent(app)
+    , m_passwordHash {tempPasswordHash}
 {
    configure();
    connect(Preferences::instance(), &Preferences::changed, this, &WebUI::configure);
@@ -50,13 +53,23 @@ void WebUI::configure()
    m_isErrored = false; // clear previous error state
    m_errorMsg.clear();

-    const QString portForwardingProfile = u"webui"_s;
    const Preferences *pref = Preferences::instance();
-    const quint16 port = pref->getWebUiPort();
-    m_isEnabled = pref->isWebUiEnabled();
+    m_isEnabled = pref->isWebUIEnabled();
+    const QString username = pref->getWebUIUsername();
+    if (const QByteArray passwordHash = pref->getWebUIPassword(); !passwordHash.isEmpty())
+        m_passwordHash = passwordHash;

-    if (m_isEnabled)
+    if (m_isEnabled && (username.isEmpty() || m_passwordHash.isEmpty()))
    {
+        setError(tr("Credentials are not set"));
+    }
+
+    const QString portForwardingProfile = u"webui"_s;
+
+    if (m_isEnabled && !m_isErrored)
+    {
+        const quint16 port = pref->getWebUIPort();
+
        // Port forwarding
        auto *portForwarder = Net::PortForwarder::instance();
        if (pref->useUPnPForWebUIPort())
@@ -69,7 +82,7 @@ void WebUI::configure()
        }

        // http server
-        const QString serverAddressString = pref->getWebUiAddress();
+        const QString serverAddressString = pref->getWebUIAddress();
        const auto serverAddress = ((serverAddressString == u"*") || serverAddressString.isEmpty())
            ? QHostAddress::Any : QHostAddress(serverAddressString);

@@ -84,7 +97,10 @@ void WebUI::configure()
                m_httpServer->close();
        }

-        if (pref->isWebUiHttpsEnabled())
+        m_webapp->setUsername(username);
+        m_webapp->setPasswordHash(m_passwordHash);
+
+        if (pref->isWebUIHttpsEnabled())
        {
            const auto readData = [](const Path &path) -> QByteArray
            {
@@ -96,9 +112,9 @@ void WebUI::configure()

            const bool success = m_httpServer->setupHttps(cert, key);
            if (success)
-                LogMsg(tr("Web UI: HTTPS setup successful"));
+                LogMsg(tr("WebUI: HTTPS setup successful"));
            else
-                LogMsg(tr("Web UI: HTTPS setup failed, fallback to HTTP"), Log::CRITICAL);
+                LogMsg(tr("WebUI: HTTPS setup failed, fallback to HTTP"), Log::CRITICAL);
        }
        else
        {
@@ -110,17 +126,12 @@ void WebUI::configure()
            const bool success = m_httpServer->listen(serverAddress, port);
            if (success)
            {
-                LogMsg(tr("Web UI: Now listening on IP: %1, port: %2").arg(serverAddressString).arg(port));
+                LogMsg(tr("WebUI: Now listening on IP: %1, port: %2").arg(serverAddressString).arg(port));
            }
            else
            {
-                m_errorMsg = tr("Web UI: Unable to bind to IP: %1, port: %2. Reason: %3")
-                    .arg(serverAddressString).arg(port).arg(m_httpServer->errorString());
-                LogMsg(m_errorMsg, Log::CRITICAL);
-                qCritical() << m_errorMsg;
-
-                m_isErrored = true;
-                emit error(m_errorMsg);
+                setError(tr("Unable to bind to IP: %1, port: %2. Reason: %3")
+                        .arg(serverAddressString).arg(port).arg(m_httpServer->errorString()));
            }
        }

@@ -147,6 +158,18 @@ void WebUI::configure()
    }
 }

+void WebUI::setError(const QString &message)
+{
+    m_isErrored = true;
+    m_errorMsg = message;
+
+    const QString logMessage = u"WebUI: " + m_errorMsg;
+    LogMsg(logMessage, Log::CRITICAL);
+    qCritical() << logMessage;
+
+    emit error(m_errorMsg);
+}
+
 bool WebUI::isEnabled() const
 {
    return m_isEnabled;