You are currently browsing articles tagged Webduino.

Webduino, the web server library for Arduino, now supports HTTP Basic access authentication. You can download a .zip file of the latest version from GitHub. (Note: The download link does not point to a specific version, but always to the very latest version of Webduino including features and/or bugs that were added/fixed after I wrote this post. Here’s the front page of the GitHub repository.)

Authentication means that you can now protect the web-enabled functions of your Arduino with a username and password.

There is at least one other version of Webduino supporting authentication, written by Claudio Baldazzi. It’s in this post on the original Google Project site of Webduino, with an example here. When I started working on improvements of the Webduino, plus new features for my own use, I considered using Claudio’s version but decided against it for the following reason:

With the Claudio’s version all pages of the Arduino would be protected by the same username and password. However I wanted a way to distinguish different user levels. E.g. Person A should be allowed to see on the web whether the lights are on or off, but only Person B is allowed to flick the switch.

Here’s how I did it.

The WebServer class now has two new methods: httpUnauthorized() sends error 401 back to the client, which in the case of a regular web browser causes the user to see a prompt for username and password. checkCredentials() checks whether a username and password have been sent with the request and whether they are valid, i.e. they have certain values. In a Webduino command function you should first run checkCredentials() and depending on the return value either run your “protected” code, like turning on the lights, or fire httpUnauthorized(). See the methods’ subpages of the API documentation for example code.

As reported earlier I had been given an Arduino Uno. I subsequently received my Ethernet Shield to hook the board up to the network. I’m clearly heading towards the Internet of things… Although I am still not 100% certain about what I’m going to do with the board (or how many additional ones I am going to have to buy) one things is pretty clear: It will have to be controllable and/or configurable over a web interface.

I found the Webserver example that ships with the Arduino IDE to be rather dull and unflexible. It wasn’t long before I stumbled upon Webduino, a very flexible generic Web Server library originally written by Ben Combee. The Webduino project homepage on Google Project Hosting points to this GitHub page. I downloaded the version adapted to Arduino 1.0 and started hacking away. Let me say this now: Webduino does meet my expectations.

However after a short while I ran into problems. None of them were to blame on the library, but rather on myself, but that’s actually not the point of this post… When I ran Wireshark to look at the data going over the network I noticed that for every page loaded Firefox also tries to download favicon.ico from the web server. Since Webduino sends a 400 error back on any requests for resources that have not been defined Firefox just keeps retrying forever.

At around the same time I discovered that, to avoid excess traffic from robots, there is a default robots.txt built into Webduino. So I decided to add a default favicon.ico, based on the icon used in the “Web_Image” example that ships with Webduino. Now when the first page is requested, Firefox loads the icon file, which actually eats more resources than one 400 error, but it pays off down the road when Firefox caches the icon and does not request it again, saving the Arduino from having to generate many 400 errors…

Webduino "Hello World!" page with favicon.ico

Webduino "Hello World!" page with favicon.ico; this is the default favicon.ico in my version of Webduino

And since I see projects hosted on GitHub as an open invitation to fork I ended up with my own Webduino project on GitHub. Feel free to look at the code, to fork, clone, whatever (MIT license), and to let me know what you think! (Oh, and I gave the readme some TLC and also added a keywords.txt file for syntax highlighting.)

Update: I started to write a “beautiful” API documentation