confighttp.cpp File Reference

Definitions for the Web UI Config HTTP server. More...

#include <algorithm>
#include <filesystem>
#include <format>
#include <fstream>
#include <string_view>
#include <boost/algorithm/string.hpp>
#include <boost/asio/ssl/context.hpp>
#include <boost/filesystem.hpp>
#include <nlohmann/json.hpp>
#include <Simple-Web-Server/crypto.hpp>
#include <Simple-Web-Server/server_https.hpp>
#include "platform/windows/misc.h"
#include <vector>
#include <Windows.h>
#include "config.h"
#include "confighttp.h"
#include "crypto.h"
#include "display_device.h"
#include "file_handler.h"
#include "globals.h"
#include "httpcommon.h"
#include "logging.h"
#include "network.h"
#include "nvhttp.h"
#include "platform/common.h"
#include "process.h"
#include "utility.h"
#include "uuid.h"

Include dependency graph for confighttp.cpp:

Classes
struct	confighttp::csrf_token_t

Typedefs
using	confighttp::args_t = SimpleWeb::CaseInsensitiveMultimap
using	confighttp::https_handler_t = std::function<void(resp_https_t, req_https_t)>
using	confighttp::https_server_t = SimpleWeb::Server<SimpleWeb::HTTPS>
using	confighttp::req_https_t = std::shared_ptr<SimpleWeb::ServerBase<SimpleWeb::HTTPS>::Request>
using	confighttp::resp_https_t = std::shared_ptr<SimpleWeb::ServerBase<SimpleWeb::HTTPS>::Response>

Enumerations
enum class	confighttp::op_e { ADD , REMOVE }

Functions
bool	confighttp::authenticate (const resp_https_t &response, const req_https_t &request)
	Authenticate the user.
void	confighttp::bad_request (const resp_https_t &response, const req_https_t &request, const std::string &error_message)
	Send a 400 Bad Request response.
void	confighttp::browseDirectory (const resp_https_t &response, const req_https_t &request)
	Browse the server filesystem.
nlohmann::json	confighttp::build_browse_entries (const fs::path &dir_path, const std::string &type_str)
	Lists, filters, and sorts the entries of a directory for the browse API.
bool	confighttp::check_app_index (const resp_https_t &response, const req_https_t &request, int index)
	Validates the application index and sends an error response if invalid.
bool	confighttp::check_content_type (const resp_https_t &response, const req_https_t &request, const std::string_view &contentType)
	Validate the request content type and send a bad request when mismatched.
void	confighttp::closeApp (const resp_https_t &response, const req_https_t &request)
	Close the currently running application.
void	confighttp::deleteApp (const resp_https_t &response, const req_https_t &request)
	Delete an application.
std::string	confighttp::generate_csrf_token (const std::string &client_id)
	Generate a new CSRF token for a client.
std::string	confighttp::get_client_id (const req_https_t &request)
	Get a unique client identifier for CSRF token management.
nlohmann::json	confighttp::get_windows_drives ()
	Builds a JSON array of available Windows drive letters.
void	confighttp::getApps (const resp_https_t &response, const req_https_t &request)
	Get the list of available applications.
void	confighttp::getAsset (const resp_https_t &response, const req_https_t &request)
	Get an asset.
void	confighttp::getClients (const resp_https_t &response, const req_https_t &request)
	Get the list of paired clients.
void	confighttp::getConfig (const resp_https_t &response, const req_https_t &request)
	Get the configuration settings.
void	confighttp::getCover (const resp_https_t &response, const req_https_t &request)
	Get an application's image.
void	confighttp::getCSRFToken (const resp_https_t &response, const req_https_t &request)
	Get a CSRF token for the authenticated user.
void	confighttp::getFaviconImage (const resp_https_t &response, const req_https_t &request)
	Get the favicon image.
void	confighttp::getLocale (const resp_https_t &response, const req_https_t &request)
	Get the locale setting. This endpoint does not require authentication.
void	confighttp::getLogs (const resp_https_t &response, const req_https_t &request)
	Get the logs from the log file.
void	confighttp::getPage (const resp_https_t &response, const req_https_t &request, const char *html_file, const bool require_auth, const bool redirect_if_username)
	Get an HTML page.
void	confighttp::getSunshineLogoImage (const resp_https_t &response, const req_https_t &request)
	Get the Sunshine logo image.
void	confighttp::getViGEmBusStatus (const resp_https_t &response, const req_https_t &request)
	Get ViGEmBus driver version and installation status.
void	confighttp::installViGEmBus (const resp_https_t &response, const req_https_t &request)
	Install ViGEmBus driver with elevated permissions.
bool	confighttp::is_browsable_executable (const fs::directory_entry &entry, const fs::file_status &status)
	Checks whether a directory entry qualifies as an executable file.
bool	confighttp::isChildPath (fs::path const &base, fs::path const &query)
	Check if a path is a child of another path.
void	confighttp::not_found (const resp_https_t &response, const req_https_t &request, const std::string &error_message)
	Send a 404 Not Found response.
void	confighttp::print_req (const req_https_t &request)
	Log the request details.
void	confighttp::resetDisplayDevicePersistence (const resp_https_t &response, const req_https_t &request)
	Reset the display device persistence.
void	confighttp::restart (const resp_https_t &response, const req_https_t &request)
	Restart Sunshine.
void	confighttp::saveApp (const resp_https_t &response, const req_https_t &request)
	Save an application. To save a new application, the index must be -1. To update an existing application, you must provide the current index of the application.
void	confighttp::saveConfig (const resp_https_t &response, const req_https_t &request)
	Save the configuration settings.
void	confighttp::savePassword (const resp_https_t &response, const req_https_t &request)
	Update existing credentials.
void	confighttp::savePin (const resp_https_t &response, const req_https_t &request)
	Send a pin code to the host. The pin is generated from the Moonlight client during the pairing process.
void	confighttp::send_redirect (const resp_https_t &response, const req_https_t &request, const char *path)
	Send a redirect response.
void	confighttp::send_response (const resp_https_t &response, const nlohmann::json &output_tree)
	Send a response.
void	confighttp::send_unauthorized (const resp_https_t &response, const req_https_t &request)
	Send a 401 Unauthorized response.
void	confighttp::start ()
void	confighttp::unpair (const resp_https_t &response, const req_https_t &request)
	Unpair a client.
void	confighttp::unpairAll (const resp_https_t &response, const req_https_t &request)
	Unpair all clients.
void	confighttp::uploadCover (const resp_https_t &response, const req_https_t &request)
	Upload a cover image.
bool	confighttp::validate_csrf_token (const resp_https_t &response, const req_https_t &request, const std::string &client_id)
bool	confighttp::validate_stored_csrf_token (const resp_https_t &response, const req_https_t &request, const std::string_view client_id, const std::string_view provided_token)
	Validate a stored CSRF token for a client against a provided token string.

Variables
constexpr auto	confighttp::CSRF_TOKEN_LIFETIME = std::chrono::hours(1)
constexpr auto	confighttp::CSRF_TOKEN_SIZE = 32
std::map< std::string, csrf_token_t, std::less<> >	confighttp::csrf_tokens
std::mutex	confighttp::csrf_tokens_mutex

Detailed Description

Definitions for the Web UI Config HTTP server.

Todo

Authentication, better handling of routes common to nvhttp, cleanup

Enumeration Type Documentation

op_e

enum class confighttp::op_e

strong

Enumerator
ADD	Add client.
REMOVE	Remove client.

Function Documentation

authenticate()

bool confighttp::authenticate	(	const resp_https_t &	response,
		const req_https_t &	request )

Authenticate the user.

Parameters

response	The HTTP response object.
request	The HTTP request object.

Returns

True if the user is authenticated, false otherwise.

bad_request()

void confighttp::bad_request	(	const resp_https_t &	response,
		const req_https_t &	request,
		const std::string &	error_message )

Send a 400 Bad Request response.

Parameters

response	The HTTP response object.
request	The HTTP request object.
error_message	The error message to include in the response.

browseDirectory()

void confighttp::browseDirectory	(	const resp_https_t &	response,
		const req_https_t &	request )

Browse the server filesystem.

Parameters

response	The HTTP response object.
request	The HTTP request object.

Note

On Windows, an empty or root path returns the list of available drive letters.

On non-Windows, an empty path defaults to the filesystem root ("/").

build_browse_entries()

nlohmann::json confighttp::build_browse_entries	(	const fs::path &	dir_path,
		const std::string &	type_str )

Lists, filters, and sorts the entries of a directory for the browse API.

Parameters

dir_path	The directory to list.
type_str	Filter type: "directory", "executable", "file", or "any".

Returns

Sorted JSON array of entry objects with name/type/path fields.

check_app_index()

bool confighttp::check_app_index	(	const resp_https_t &	response,
		const req_https_t &	request,
		int	index )

Validates the application index and sends an error response if invalid.

Parameters

response	The HTTP response object.
request	The HTTP request object.
index	The application index/id.

check_content_type()

bool confighttp::check_content_type	(	const resp_https_t &	response,
		const req_https_t &	request,
		const std::string_view &	contentType )

Validate the request content type and send a bad request when mismatched.

Parameters

response	The HTTP response object.
request	The HTTP request object.
contentType	The expected content type

closeApp()

void confighttp::closeApp	(	const resp_https_t &	response,
		const req_https_t &	request )

Close the currently running application.

Parameters

response	The HTTP response object.
request	The HTTP request object.

deleteApp()

void confighttp::deleteApp	(	const resp_https_t &	response,
		const req_https_t &	request )

Delete an application.

Parameters

response	The HTTP response object.
request	The HTTP request object.

generate_csrf_token()

std::string confighttp::generate_csrf_token

(

const std::string &

client_id

)

Generate a new CSRF token for a client.

Parameters

client_id

A unique identifier for the client (e.g., session ID or username).

Returns

The generated CSRF token.

get_client_id()

std::string confighttp::get_client_id

(

const req_https_t &

request

)

Get a unique client identifier for CSRF token management.

Parameters

request

The HTTP request object.

Returns

A unique identifier based on username or IP address.

get_windows_drives()

nlohmann::json confighttp::get_windows_drives

(

)

Builds a JSON array of available Windows drive letters.

Returns

JSON array of drive-letter entries.

getApps()

void confighttp::getApps	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the list of available applications.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getAsset()

void confighttp::getAsset	(	const resp_https_t &	response,
		const req_https_t &	request )

Get an asset.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getClients()

void confighttp::getClients	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the list of paired clients.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getConfig()

void confighttp::getConfig	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the configuration settings.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getCover()

void confighttp::getCover	(	const resp_https_t &	response,
		const req_https_t &	request )

Get an application's image.

Parameters

response	The HTTP response object.
request	The HTTP request object.

Note

The index in the url path is the application index.

getCSRFToken()

void confighttp::getCSRFToken	(	const resp_https_t &	response,
		const req_https_t &	request )

Get a CSRF token for the authenticated user.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getFaviconImage()

void confighttp::getFaviconImage	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the favicon image.

Parameters

response	The HTTP response object.
request	The HTTP request object.

Todo

combine function with getSunshineLogoImage and possibly getNodeModules

use mime_types map

getLocale()

void confighttp::getLocale	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the locale setting. This endpoint does not require authentication.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getLogs()

void confighttp::getLogs	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the logs from the log file.

Parameters

response	The HTTP response object.
request	The HTTP request object.

getPage()

void confighttp::getPage	(	const resp_https_t &	response,
		const req_https_t &	request,
		const char *	html_file,
		const bool	require_auth,
		const bool	redirect_if_username )

Get an HTML page.

Parameters

response	The HTTP response object.
request	The HTTP request object.
html_file	The HTML file to serve (relative to WEB_DIR).
require_auth	Whether to require authentication (default: true).
redirect_if_username	If true, redirect to "/" when the username is set (for welcome page).

getSunshineLogoImage()

void confighttp::getSunshineLogoImage	(	const resp_https_t &	response,
		const req_https_t &	request )

Get the Sunshine logo image.

Parameters

response	The HTTP response object.
request	The HTTP request object.

Todo

combine function with getFaviconImage and possibly getNodeModules

use mime_types map

getViGEmBusStatus()

void confighttp::getViGEmBusStatus	(	const resp_https_t &	response,
		const req_https_t &	request )

Get ViGEmBus driver version and installation status.

Parameters

response	The HTTP response object.
request	The HTTP request object.

installViGEmBus()

void confighttp::installViGEmBus	(	const resp_https_t &	response,
		const req_https_t &	request )

Install ViGEmBus driver with elevated permissions.

Parameters

response	The HTTP response object.
request	The HTTP request object.

is_browsable_executable()

bool confighttp::is_browsable_executable	(	const fs::directory_entry &	entry,
		const fs::file_status &	status )

Checks whether a directory entry qualifies as an executable file.

Parameters

entry	The directory entry to check.
status	The cached file status for the entry.

Returns

True if the file should be included in an executable-type listing.

isChildPath()

bool confighttp::isChildPath	(	fs::path const &	base,
		fs::path const &	query )

Check if a path is a child of another path.

Parameters

base	The base path.
query	The path to check.

Returns

True if the path is a child of the base path, false otherwise.

not_found()

void confighttp::not_found	(	const resp_https_t &	response,
		const req_https_t &	request,
		const std::string &	error_message )

Send a 404 Not Found response.

Parameters

response	The HTTP response object.
request	The HTTP request object.
error_message	The error message to include in the response.

print_req()

void confighttp::print_req

(

const req_https_t &

request

)

Log the request details.

Parameters

request

The HTTP request object.

resetDisplayDevicePersistence()

void confighttp::resetDisplayDevicePersistence	(	const resp_https_t &	response,
		const req_https_t &	request )

Reset the display device persistence.

Parameters

response	The HTTP response object.
request	The HTTP request object.

restart()

void confighttp::restart	(	const resp_https_t &	response,
		const req_https_t &	request )

Restart Sunshine.

Parameters

response	The HTTP response object.
request	The HTTP request object.

saveApp()

void confighttp::saveApp	(	const resp_https_t &	response,
		const req_https_t &	request )

Save an application. To save a new application, the index must be -1. To update an existing application, you must provide the current index of the application.

Parameters

response

The HTTP response object.

request

The HTTP request object. The body for the post request should be JSON serialized in the following format: { "name": "Application Name", "output": "Log Output Path", "cmd": "Command to run the application", "index": -1, "exclude-global-prep-cmd": false, "elevated": false, "auto-detach": true, "wait-all": true, "exit-timeout": 5, "prep-cmd": [ { "do": "Command to prepare", "undo": "Command to undo preparation", "elevated": false } ], "detached": [ "Detached command" ], "image-path": "Full path to the application image. Must be a png file." }

saveConfig()

void confighttp::saveConfig	(	const resp_https_t &	response,
		const req_https_t &	request )

Save the configuration settings.

Parameters

response	The HTTP response object.
request	The HTTP request object. The body for the POST request should be JSON serialized in the following format: { "key": "value" }

Attention

It is recommended to ONLY save the config settings that differ from the default behavior.

savePassword()

void confighttp::savePassword	(	const resp_https_t &	response,
		const req_https_t &	request )

Update existing credentials.

Parameters

response	The HTTP response object.
request	The HTTP request object. The body for the post request should be JSON serialized in the following format: { "currentUsername": "Current Username", "currentPassword": "Current Password", "newUsername": "New Username", "newPassword": "New Password", "confirmNewPassword": "Confirm New Password" }

savePin()

void confighttp::savePin	(	const resp_https_t &	response,
		const req_https_t &	request )

Send a pin code to the host. The pin is generated from the Moonlight client during the pairing process.

Parameters

response	The HTTP response object.
request	The HTTP request object. The body for the post request should be JSON serialized in the following format: { "pin": "<pin>", "name": "Friendly Client Name" }

send_redirect()

void confighttp::send_redirect	(	const resp_https_t &	response,
		const req_https_t &	request,
		const char *	path )

Send a redirect response.

Parameters

response	The HTTP response object.
request	The HTTP request object.
path	The path to redirect to.

send_response()

void confighttp::send_response	(	const resp_https_t &	response,
		const nlohmann::json &	output_tree )

Send a response.

Parameters

response	The HTTP response object.
output_tree	The JSON tree to send.

send_unauthorized()

void confighttp::send_unauthorized	(	const resp_https_t &	response,
		const req_https_t &	request )

Send a 401 Unauthorized response.

Parameters

response	The HTTP response object.
request	The HTTP request object.

unpair()

void confighttp::unpair	(	const resp_https_t &	response,
		const req_https_t &	request )

Unpair a client.

Parameters

response	The HTTP response object.
request	The HTTP request object. The body for the POST request should be JSON serialized in the following format: { "uuid": "<uuid>" }

unpairAll()

void confighttp::unpairAll	(	const resp_https_t &	response,
		const req_https_t &	request )

Unpair all clients.

Parameters

response	The HTTP response object.
request	The HTTP request object.

uploadCover()

void confighttp::uploadCover	(	const resp_https_t &	response,
		const req_https_t &	request )

Upload a cover image.

Parameters

response	The HTTP response object.
request	The HTTP request object. The body for the post request should be JSON serialized in the following format: { "key": "igdb_<game_id>", "url": "https://images.igdb.com/igdb/image/upload/t_cover_big_2x/<slug>.png" }

validate_stored_csrf_token()

bool confighttp::validate_stored_csrf_token	(	const resp_https_t &	response,
		const req_https_t &	request,
		const std::string_view	client_id,
		const std::string_view	provided_token )

Validate a stored CSRF token for a client against a provided token string.

Parameters

response	The HTTP response object.
request	The HTTP request object.
client_id	A unique identifier for the client.
provided_token	The token string to validate.

Returns

True if the token is valid, false otherwise.