ske087/olimex_ESP32-C6-EVB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
olimex_ESP32-C6-EVB/.gitignore
scheianu 039a60848d Add HMAC-SHA256 API auth, NTP sync, NFC access control improvements 
Security:
- Add verifyAPIRequest(): accepts valid Digest Auth (browser) OR valid
  HMAC-SHA256 signature (driver) — fixes browser UI being blocked by auth
- All 11 API endpoints require verifyAPIRequest()
- /register exempt (bootstrap handshake, secret not yet exchanged)
- Credentials moved to secrets.h (gitignored); secrets.h.example added

NTP:
- Sync time on boot for HMAC replay-prevention timestamp window (±60s)
- server.collectHeaders() registers X-Request-Time / X-Request-Sig

NFC:
- Full NFC access control: auth UID, relay trigger, absent timeout
- Live UID display, copy-to-auth button, save/clear settings from UI
- Access state: idle / granted / denied with colour feedback
2026-03-15 16:42:33 +02:00

16 lines
137 B
Plaintext
Raw Permalink Blame History

# Python
__pycache__/
*.pyc
*.pyo
*.pyd
.Python
# Home Assistant generated
icon.png
# OS
.DS_Store
Thumbs.db
/esp32_arduino/secrets.h
Reference in New Issue View Git Blame Copy Permalink