lws-team
commented
6 years ago Lws does already support basic auth on individual mounts (and client certs). But it does basic auth by having the mount point to a user:pass text file somewhere else on the system... that makes sense for most platforms, since the text file can be placed somewhere and with permissions that it's secure. But on ESP32, the firmware is in plaintext and there's not necessarily any system filesystem. You can't easily ssh in and maintain the text file, or run scripts to maintain it.
I adapted it to use nvs for the auth lookup on esp32, and added a demo on the test server. The demo
a) writes a credential into nvs, in the nvs realm "lwsdemoba", with key "user" and value "password"
b) a new mount is added which serves /secret from the romfs in /secret in the URL space, protected by basic auth
c) when you visit /secret, you must give the user / password login at the browser before you can see /secret/index.html
FredrikFornstad
This is not an issue, but rather a request for an additional feature/demo:
lws-esp32-factory and lws-esp32-test-server-demos make use of ssl and certificates in a really nice way. I am impressed!
But I think I also need some sort of authentication. Basic-auth would be ok. I do not find my way through the lws-code well enough yet to understand where to start. Would it be easy for you to add a login prompt as part of the lws-esp32-test-server-demos?