Add authentication type to Wifi

Add authentication type to Wifi so that the user can choose between open, WPA2 or WPA3 types when configuring the connection to a Wifi network.

Author: Deni90

firmware/flash_data/config/wifi_info.json

@@ -1 +1 @@
-{"hostname":"mynixieclock","SSID":"","password":""}
+{"hostname":"mynixieclock","SSID":"", "auth_type":"open","password":""}

firmware/flash_data/frontend/index.html

@@ -139,6 +139,23 @@ <h2>Wifi configuration</h2>
 			<label for="ssid">SSID:</label>
 			<input type="text" name="ssid" id="ssid" value="" />
 		</div>
+		<div class="field-container">
+			<label for="authType">Authentication type:</label>
+			<div class="choice-container">
+				<div class="choice" onclick="handleAtuhTypeChoice(event)" name="authTypeChoice" value="open">
+					<input id="authTypeOpen" type="radio" />
+					<label for="authTypeOpen">Open</label>
+				</div>
+				<div class="choice" onclick="handleAtuhTypeChoice(event)" name="authTypeChoice" value="wpa2">
+					<input id="authTypeWpa2" type="radio" />
+					<label for="authTypeWpa2">WPA2</label>
+				</div>
+				<div class="choice" onclick="handleAtuhTypeChoice(event)" name="authTypeChoice" value="wpa3">
+					<input id="authTypeWpa3" type="radio" />
+					<label for="authTypeWpa3">WPA3</label>
+				</div>
+			</div>
+		</div>
 		<div class="field-container">
 			<label for="password">Password:</label>
 			<input type="password" name="password" id="password" value="" />

firmware/flash_data/frontend/server.js

@@ -81,21 +81,23 @@ class LedInfo {
 }
 
 class WifiInfo {
-    constructor(hostname, ssid, password) {
+    constructor(hostname, ssid, authType, password) {
         this.hostname = hostname
         this.ssid = ssid;
+        this.authType = authType;
         this.password = password;
     }
     toJson() {
         return {
             "hostname": this.hostname,
             "SSID": this.ssid,
+            "auth_type": this.authType,
             "password": this.password,
         };
     }
     static Builder = class {
         fromJson(message) {
-            return new WifiInfo(message.hostname, message.SSID, atob(message.password));
+            return new WifiInfo(message.hostname, message.SSID, message.auth_type, atob(message.password));
         }
     }
 }
@@ -348,6 +350,15 @@ function getWifiInfo() {
             let wifiInfo = new WifiInfo.Builder().fromJson(data);
             document.getElementById("hostname").value = wifiInfo.hostname;
             document.getElementById("ssid").value = wifiInfo.ssid;
+            selectRadioChoiceByName("authTypeChoice", wifiInfo.authType);
+            if (wifiInfo.authType == "open") {
+                wifiInfo.password = "";
+                document.getElementById("password").disabled = true;
+                document.getElementById("passwordVerify").disabled = true;
+            } else {
+                document.getElementById("password").disabled = false;
+                document.getElementById("passwordVerify").disabled = false;
+            }
             document.getElementById("password").value = wifiInfo.password;
             document.getElementById("passwordVerify").value = wifiInfo.password;
         })
@@ -371,22 +382,31 @@ function setWifiInfo() {
         logLabel.style.color = errorColor;
         return;
     }
-    if (document.getElementById("password").value == "") {
-        console.log("Wifi password cannot be empty");
-        logLabel.innerHTML = "Error: Wifi password cannot be empty";
-        logLabel.style.color = errorColor;
-        return;
-    }
-    if (document.getElementById("password").value != document.getElementById("passwordVerify").value) {
-        console.log("Wifi passwords are not matching");
-        logLabel.innerHTML = "Error: Passwords are not matching";
-        logLabel.style.color = errorColor;
-        return;
+    if (getSelectedRadioChoice("authTypeChoice") != "open") {
+        if (document.getElementById("password").value == "") {
+            console.log("Wifi password cannot be empty");
+            logLabel.innerHTML = "Error: Wifi password cannot be empty";
+            logLabel.style.color = errorColor;
+            return;
+        }
+        if (document.getElementById("password").value.length < 8) {
+            console.log("Use at least 8 characters for password");
+            logLabel.innerHTML = "Error: Use at least 8 characters for password";
+            logLabel.style.color = errorColor;
+            return;
+        }
+        if (document.getElementById("password").value != document.getElementById("passwordVerify").value) {
+            console.log("Wifi passwords are not matching");
+            logLabel.innerHTML = "Error: Passwords are not matching";
+            logLabel.style.color = errorColor;
+            return;
+        }
     }
     logLabel.innerHTML = "";
     let wifiInfo = new WifiInfo(
         document.getElementById("hostname").value,
         document.getElementById("ssid").value,
+        getSelectedRadioChoice("authTypeChoice"),
         btoa(document.getElementById("password").value));
     const requestOptions = {
         method: 'POST',
@@ -411,7 +431,9 @@ function selectRadioChoiceByName(name, value) {
     for (i = 0; i < choices.length; i++) {
         if (choices[i].getAttribute("value") == value) {
             choices[i].className += " active";
-            break;
+        } else {
+            // clear if any choice was active previously
+            choices[i].className = choices[i].className.replace(" active", "");
         }
     }
 }
@@ -458,4 +480,16 @@ function updateColorBox() {
     hsv.v = document.getElementById("sliderValue").value;
     let color = "hsla(" + hsv.h + "," + hsv.s + "%," + "50%," + hsv.v + "%)";
     document.getElementById("colorBox").style.backgroundColor = color;
+}
+
+function handleAtuhTypeChoice(evt) {
+    if (selectRadioChoiceByEvent(evt) == "open") {
+        document.getElementById("password").disabled = true;
+        document.getElementById("password").value = "";
+        document.getElementById("passwordVerify").disabled = true;
+        document.getElementById("passwordVerify").value = "";
+    } else {
+        document.getElementById("password").disabled = false;
+        document.getElementById("passwordVerify").disabled = false;
+    }
 }

firmware/flash_data/frontend/style.css

@@ -142,7 +142,8 @@ input[type="password"] {
     border-radius: .5em;
 }
 
-input[type="text"]:disabled {
+input[type="text"]:disabled,
+input[type="password"]:disabled {
     background-color: #f6f6f6;
     font-weight: bold;
     width: 69%;

firmware/main/config_store.cpp

@@ -222,6 +222,11 @@ std::optional<WifiInfo> ConfigStore::loadWifiInfo() {
         cJSON_Delete(json);
         return std::nullopt;
     }
+    if (!cJSON_GetObjectItemCaseSensitive(json, "auth_type")) {
+        ESP_LOGW(kTag, "'auth_type' is not found in config");
+        cJSON_Delete(json);
+        return std::nullopt;
+    }
     if (!cJSON_GetObjectItemCaseSensitive(json, "password")) {
         ESP_LOGW(kTag, "'password' is not found in config");
         cJSON_Delete(json);
@@ -233,6 +238,19 @@ std::optional<WifiInfo> ConfigStore::loadWifiInfo() {
         cJSON_GetObjectItemCaseSensitive(json, "hostname")->valuestring);
     wifiInfo.setSSID(
         cJSON_GetObjectItemCaseSensitive(json, "SSID")->valuestring);
+    std::string authType =
+        cJSON_GetObjectItemCaseSensitive(json, "auth_type")->valuestring;
+    if (authType == "open") {
+        wifiInfo.setAuthType(WifiAuthType::Open);
+    } else if (authType == "wpa2") {
+        wifiInfo.setAuthType(WifiAuthType::WPA2);
+    } else if (authType == "wpa3") {
+        wifiInfo.setAuthType(WifiAuthType::WPA3);
+    } else {
+        ESP_LOGW(kTag, "Invalid 'auth_format'");
+        cJSON_Delete(json);
+        return std::nullopt;
+    }
     wifiInfo.setPassword(
         cJSON_GetObjectItemCaseSensitive(json, "password")->valuestring);
     cJSON_Delete(json);
@@ -251,6 +269,9 @@ bool ConfigStore::saveWifiInfo(const WifiInfo& wifiInfo) {
                           cJSON_CreateString(wifiInfo.getHostname().c_str()));
     cJSON_AddItemToObject(json, "SSID",
                           cJSON_CreateString(wifiInfo.getSSID().c_str()));
+    cJSON_AddItemToObject(
+        json, "auth_type",
+        cJSON_CreateString(wifiAuthTypeToString(wifiInfo.getAuthType())));
     cJSON_AddItemToObject(json, "password",
                           cJSON_CreateString(wifiInfo.getPassword().c_str()));
     char* jsonString = cJSON_Print(json);

firmware/main/include/wifi_info.h

@@ -11,6 +11,28 @@
 #include <inttypes.h>
 #include <string>
 
+/**
+ * @brief An enumeration representing wifi authentication types
+ */
+enum class WifiAuthType { Open, WPA2, WPA3 };
+
+/**
+ * @brief Convert wifi authentication type to c-style string
+ * @param[in] waf wifi authentication type
+ */
+constexpr const char* wifiAuthTypeToString(WifiAuthType waf) {
+    switch (waf) {
+    case WifiAuthType::Open:
+        return "open";
+    case WifiAuthType::WPA2:
+        return "wpa2";
+    case WifiAuthType::WPA3:
+        return "wpa3";
+    default:
+        return "unknown";
+    }
+}
+
 /**
  * @brief Represents a Wifi info class
  *
@@ -30,7 +52,7 @@ class WifiInfo {
      * @param password password
      */
     WifiInfo(const std::string& hostname, const std::string& ssid,
-             const std::string& password);
+             const WifiAuthType& authType, const std::string& password);
 
     /**
      * @brief Default destructor
@@ -77,6 +99,20 @@ class WifiInfo {
      */
     void setSSID(const std::string& value);
 
+    /**
+     * @brief Getter for Wifi authentication type
+     *
+     * @return Wifi authentication type
+     */
+    WifiAuthType getAuthType() const;
+
+    /**
+     * @brief Setter for Wifi authentication type
+     *
+     * @param value Wifi authentication type
+     */
+    void setAuthType(const WifiAuthType& value);
+
     /**
      * @brief Getter for password
      *
@@ -94,6 +130,7 @@ class WifiInfo {
   private:
     std::string mHostname;
     std::string mSsid;
+    WifiAuthType mAuthType;
     std::string mPassword;
 };
 

firmware/main/nixie_clock.cpp

@@ -69,7 +69,7 @@ void NixieClock::initialize() {
     ESP_LOGI(kTag, "Initialize Wifi... done");
 
     if (wifiInfo.getSSID() == "" || !mWifiManager.connectSta(wifiInfo)) {
-        WifiInfo apWifiInfo(kApHostname, kApSsid, "");
+        WifiInfo apWifiInfo(kApHostname, kApSsid, WifiAuthType::Open, "");
         mWifiManager.startAp(apWifiInfo);
         ESP_LOGI(kTag, "Setup captive portal...");
         setupCaptivePortal();

firmware/main/web_server.cpp

@@ -334,7 +334,10 @@ esp_err_t WebServer::handleGetWifiInfo(httpd_req_t* req) {
     cJSON* root = cJSON_CreateObject();
     cJSON_AddStringToObject(root, "hostname", wifiInfo.getHostname().c_str());
     cJSON_AddStringToObject(root, "SSID", wifiInfo.getSSID().c_str());
-    cJSON_AddStringToObject(root, "password", wifiInfo.getPassword().c_str());
+    cJSON_AddStringToObject(root, "auth_type",
+                            wifiAuthTypeToString(wifiInfo.getAuthType()));
+    // do not share the actual password
+    cJSON_AddStringToObject(root, "password", "");
     char* jsonStr = cJSON_Print(root);
     httpd_resp_sendstr(req, jsonStr);
     free(static_cast<void*>(jsonStr));
@@ -367,6 +370,19 @@ esp_err_t WebServer::handleSetWifiInfo(httpd_req_t* req) {
     WifiInfo wifiInfo;
     wifiInfo.setHostname(cJSON_GetObjectItem(root, "hostname")->valuestring);
     wifiInfo.setSSID(cJSON_GetObjectItem(root, "SSID")->valuestring);
+    std::string authType =
+        cJSON_GetObjectItemCaseSensitive(root, "auth_type")->valuestring;
+    if (authType == "open") {
+        wifiInfo.setAuthType(WifiAuthType::Open);
+    } else if (authType == "wpa2") {
+        wifiInfo.setAuthType(WifiAuthType::WPA2);
+    } else if (authType == "wpa3") {
+        wifiInfo.setAuthType(WifiAuthType::WPA3);
+    } else {
+        httpd_resp_send_err(req, HTTPD_500_INTERNAL_SERVER_ERROR,
+                            "Unknown wifi authentication type");
+        return ESP_FAIL;
+    }
     wifiInfo.setPassword(cJSON_GetObjectItem(root, "password")->valuestring);
     callback->onSetWifiInfo(wifiInfo);
     cJSON_Delete(root);

firmware/main/wifi_info.cpp

@@ -8,8 +8,9 @@
 #include "wifi_info.h"
 
 WifiInfo::WifiInfo(const std::string& hostname, const std::string& ssid,
-                   const std::string& password)
-    : mHostname(hostname), mSsid(ssid), mPassword(password) {}
+                   const WifiAuthType& authType, const std::string& password)
+    : mHostname(hostname), mSsid(ssid), mAuthType(authType),
+      mPassword(password) {}
 
 std::string WifiInfo::getHostname() const { return mHostname; }
 
@@ -19,6 +20,10 @@ std::string WifiInfo::getSSID() const { return mSsid; }
 
 void WifiInfo::setSSID(const std::string& value) { mSsid = value; }
 
+WifiAuthType WifiInfo::getAuthType() const { return mAuthType; }
+
+void WifiInfo::setAuthType(const WifiAuthType& value) { mAuthType = value; }
+
 std::string WifiInfo::getPassword() const { return mPassword; }
 
 void WifiInfo::setPassword(const std::string& value) { mPassword = value; }

firmware/main/wifi_manager.cpp

@@ -92,7 +92,17 @@ bool WifiManager::connectSta(const WifiInfo& wifiInfo) {
     std::strncpy(reinterpret_cast<char*>(wifiConfig.sta.password),
                  reinterpret_cast<char*>(password),
                  sizeof(wifiConfig.sta.password));
-    wifiConfig.sta.threshold.authmode = WIFI_AUTH_WPA2_PSK;
+    switch (wifiInfo.getAuthType()) {
+    case WifiAuthType::Open:
+        wifiConfig.sta.threshold.authmode = WIFI_AUTH_OPEN;
+        break;
+    case WifiAuthType::WPA2:
+        wifiConfig.sta.threshold.authmode = WIFI_AUTH_WPA2_PSK;
+        break;
+    case WifiAuthType::WPA3:
+        wifiConfig.sta.threshold.authmode = WIFI_AUTH_WPA3_PSK;
+        break;
+    }
     wifiConfig.sta.pmf_cfg.capable = true;
     wifiConfig.sta.pmf_cfg.required = false;