feat(firmware): M2 WiFi + on-device REST API
Adds the WiFi-to-app sync path and the on-device open REST API implementing the
device paths of api/openapi.yaml, plus persistent config in NVS.
What changed:
- firmware/src/config.{h,cpp}: NVS (Preferences) store - stable device id from MAC,
WiFi SSID/PSK, API bearer token, upload settings. Secrets stay off the SD card.
- firmware/src/net_wifi.{h,cpp}: station join with stored creds; SoftAP provisioning
fallback when no creds / join fails; mDNS openscribe.local; reconnect in loop().
- firmware/src/api_http.{h,cpp}: synchronous WebServer on :80. Routes: GET /device,
GET/PUT /device/config, GET /recordings, GET /recordings/{id}, GET
/recordings/{id}/audio (HTTP Range -> 206 + Content-Range), DELETE /recordings/{id},
POST /record/start|stop. Bearer-token auth on mutating calls (open when no token).
- firmware/src/storage.{h,cpp}: list/read/delete/count helpers + path builders.
- firmware/src/main.cpp: wire config + WiFi + API into setup/loop; bump fw to 0.2.0.
- firmware/platformio.ini: add bblanchon/ArduinoJson@^7 (only new dep).
- state/: ARCHITECTURE, NOTES, TODO updated; security + NTP follow-ups recorded.
Why:
- This is the WiFi transfer channel and the device half of the "completely open API":
clients can list, download (resumable), delete and control without any cloud.
Notes:
- Not compiled locally (no PlatformIO on the dev host) or hardware-verified; CI builds
both board profiles. Security follow-ups logged: API is open when no token is set,
and the SoftAP uses a fixed default passphrase (make user-set at M4/BLE).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
parent
16e3460642
commit
87a00265a3
13 changed files with 510 additions and 20 deletions
211
firmware/src/api_http.cpp
Normal file
211
firmware/src/api_http.cpp
Normal file
|
|
@ -0,0 +1,211 @@
|
|||
// SPDX-License-Identifier: GPL-3.0-only
|
||||
#include "api_http.h"
|
||||
|
||||
#include <ArduinoJson.h>
|
||||
#include <SD.h>
|
||||
#include <WebServer.h>
|
||||
|
||||
#include "config.h"
|
||||
#include "net_wifi.h"
|
||||
#include "recorder.h"
|
||||
#include "storage.h"
|
||||
|
||||
namespace {
|
||||
|
||||
WebServer server(80);
|
||||
|
||||
const char *FW_VERSION = "0.2.0";
|
||||
|
||||
// Format a uint64 (SD sizes exceed 32 bits) into a decimal String.
|
||||
String u64(uint64_t v) {
|
||||
char b[21];
|
||||
snprintf(b, sizeof(b), "%llu", (unsigned long long)v);
|
||||
return String(b);
|
||||
}
|
||||
|
||||
void sendJson(int code, const String &body) {
|
||||
server.sendHeader("Access-Control-Allow-Origin", "*");
|
||||
server.send(code, "application/json", body);
|
||||
}
|
||||
|
||||
void sendError(int code, const String &msg) {
|
||||
sendJson(code, String("{\"error\":\"") + msg + "\"}");
|
||||
}
|
||||
|
||||
// Bearer-token check for mutating endpoints. Empty stored token = auth disabled (open on a
|
||||
// trusted LAN); tightening this to require a token is a security follow-up (see TODO).
|
||||
bool authed() {
|
||||
String tok = config::apiToken();
|
||||
if (tok.isEmpty()) return true;
|
||||
return server.header("Authorization") == (String("Bearer ") + tok);
|
||||
}
|
||||
|
||||
const char *recStateStr() {
|
||||
return recorder::state() == recorder::State::Recording ? "recording" : "idle";
|
||||
}
|
||||
|
||||
// GET /api/v1/device
|
||||
void handleDevice() {
|
||||
JsonDocument doc;
|
||||
doc["device_id"] = config::deviceId();
|
||||
doc["firmware_version"] = FW_VERSION;
|
||||
doc["state"] = recStateStr();
|
||||
doc["power"] = "unknown"; // battery/charge detection lands in M3
|
||||
doc["battery_pct"] = nullptr;
|
||||
doc["storage_free_bytes"] = storage::freeBytes();
|
||||
doc["storage_total_bytes"] = storage::totalBytes();
|
||||
doc["recordings_count"] = storage::countRecordings();
|
||||
doc["wifi_connected"] = net_wifi::connected();
|
||||
doc["ip"] = net_wifi::ip();
|
||||
String out;
|
||||
serializeJson(doc, out);
|
||||
sendJson(200, out);
|
||||
}
|
||||
|
||||
// GET /api/v1/recordings
|
||||
void handleList() { sendJson(200, storage::listRecordingsJson()); }
|
||||
|
||||
// GET /api/v1/recordings/{id}
|
||||
void handleGetMeta() {
|
||||
const String id = server.pathArg(0);
|
||||
const String meta = storage::readFile(storage::recMetaPath(id));
|
||||
if (meta.isEmpty()) return sendError(404, "No such recording");
|
||||
sendJson(200, meta);
|
||||
}
|
||||
|
||||
// DELETE /api/v1/recordings/{id}
|
||||
void handleDelete() {
|
||||
if (!authed()) return sendError(401, "Unauthorized");
|
||||
const String id = server.pathArg(0);
|
||||
if (!storage::removeRecording(id)) return sendError(404, "No such recording");
|
||||
server.send(204, "application/json", "");
|
||||
}
|
||||
|
||||
// GET /api/v1/recordings/{id}/audio (supports HTTP Range)
|
||||
void handleAudio() {
|
||||
const String id = server.pathArg(0);
|
||||
File f = SD.open(storage::recWavPath(id), FILE_READ);
|
||||
if (!f) return sendError(404, "No such recording");
|
||||
|
||||
const size_t total = f.size();
|
||||
server.sendHeader("Accept-Ranges", "bytes");
|
||||
|
||||
size_t start = 0, end = (total ? total - 1 : 0);
|
||||
bool partial = false;
|
||||
String range = server.header("Range");
|
||||
if (range.startsWith("bytes=")) {
|
||||
partial = true;
|
||||
range = range.substring(6);
|
||||
int dash = range.indexOf('-');
|
||||
start = range.substring(0, dash).toInt();
|
||||
String es = range.substring(dash + 1);
|
||||
if (es.length()) end = es.toInt();
|
||||
}
|
||||
if (start >= total) {
|
||||
f.close();
|
||||
return sendError(416, "Range not satisfiable");
|
||||
}
|
||||
if (end >= total) end = total - 1;
|
||||
const size_t len = end - start + 1;
|
||||
f.seek(start);
|
||||
|
||||
if (partial) {
|
||||
server.sendHeader("Content-Range",
|
||||
"bytes " + String(start) + "-" + String(end) + "/" + String(total));
|
||||
server.setContentLength(len);
|
||||
server.send(206, "audio/wav", "");
|
||||
} else {
|
||||
server.setContentLength(total);
|
||||
server.send(200, "audio/wav", "");
|
||||
}
|
||||
|
||||
uint8_t buf[1024];
|
||||
size_t remaining = len;
|
||||
while (remaining > 0) {
|
||||
size_t want = remaining < sizeof(buf) ? remaining : sizeof(buf);
|
||||
size_t n = f.read(buf, want);
|
||||
if (n == 0) break;
|
||||
server.sendContent(reinterpret_cast<char *>(buf), n);
|
||||
remaining -= n;
|
||||
}
|
||||
f.close();
|
||||
}
|
||||
|
||||
// POST /api/v1/record/start
|
||||
void handleRecordStart() {
|
||||
if (!authed()) return sendError(401, "Unauthorized");
|
||||
if (!recorder::startRecording()) return sendError(409, "Already recording");
|
||||
sendJson(200, String("{\"id\":\"") + recorder::currentId() +
|
||||
"\",\"state\":\"recording\"}");
|
||||
}
|
||||
|
||||
// POST /api/v1/record/stop
|
||||
void handleRecordStop() {
|
||||
if (!authed()) return sendError(401, "Unauthorized");
|
||||
const String id = recorder::currentId();
|
||||
if (!recorder::stopRecording()) return sendError(409, "Not recording");
|
||||
const String meta = storage::readFile(storage::recMetaPath(id));
|
||||
sendJson(200, meta.isEmpty() ? String("{\"id\":\"") + id + "\"}" : meta);
|
||||
}
|
||||
|
||||
// GET /api/v1/device/config (secrets never returned)
|
||||
void handleGetConfig() {
|
||||
JsonDocument doc;
|
||||
doc["device_id"] = config::deviceId();
|
||||
doc["wifi_ssid"] = config::wifiSsid();
|
||||
doc["upload_target"] = config::uploadTarget();
|
||||
doc["codec"] = "wav_pcm_s16le";
|
||||
doc["sample_rate"] = 16000;
|
||||
String out;
|
||||
serializeJson(doc, out);
|
||||
sendJson(200, out);
|
||||
}
|
||||
|
||||
// PUT /api/v1/device/config
|
||||
void handlePutConfig() {
|
||||
if (!authed()) return sendError(401, "Unauthorized");
|
||||
JsonDocument doc;
|
||||
if (deserializeJson(doc, server.arg("plain"))) {
|
||||
return sendError(400, "Invalid JSON");
|
||||
}
|
||||
if (doc["wifi_ssid"].is<const char *>()) {
|
||||
config::setWifi(doc["wifi_ssid"].as<String>(),
|
||||
doc["wifi_psk"] | config::wifiPsk());
|
||||
}
|
||||
if (doc["api_token"].is<const char *>()) {
|
||||
config::setApiToken(doc["api_token"].as<String>());
|
||||
}
|
||||
if (doc["upload_target"].is<const char *>()) {
|
||||
config::setUploadTarget(doc["upload_target"].as<String>());
|
||||
}
|
||||
// WiFi changes take effect on next reboot/reconnect.
|
||||
sendJson(200, "{\"status\":\"ok\",\"note\":\"reboot to apply WiFi changes\"}");
|
||||
}
|
||||
|
||||
} // namespace
|
||||
|
||||
namespace api_http {
|
||||
|
||||
void begin() {
|
||||
// WebServer only retains headers we ask for.
|
||||
const char *headers[] = {"Authorization", "Range"};
|
||||
server.collectHeaders(headers, 2);
|
||||
|
||||
server.on("/api/v1/device", HTTP_GET, handleDevice);
|
||||
server.on("/api/v1/device/config", HTTP_GET, handleGetConfig);
|
||||
server.on("/api/v1/device/config", HTTP_PUT, handlePutConfig);
|
||||
server.on("/api/v1/recordings", HTTP_GET, handleList);
|
||||
// Register the more specific /audio route before the generic {id} route.
|
||||
server.on("/api/v1/recordings/{}/audio", HTTP_GET, handleAudio);
|
||||
server.on("/api/v1/recordings/{}", HTTP_GET, handleGetMeta);
|
||||
server.on("/api/v1/recordings/{}", HTTP_DELETE, handleDelete);
|
||||
server.on("/api/v1/record/start", HTTP_POST, handleRecordStart);
|
||||
server.on("/api/v1/record/stop", HTTP_POST, handleRecordStop);
|
||||
|
||||
server.onNotFound([]() { sendError(404, "Not found"); });
|
||||
server.begin();
|
||||
}
|
||||
|
||||
void loop() { server.handleClient(); }
|
||||
|
||||
} // namespace api_http
|
||||
Loading…
Add table
Add a link
Reference in a new issue