Drop WebUI default credentials

PR #19777.

src/app/application.cpp

@@ -98,12 +98,14 @@
 #include "gui/mainwindow.h"
 #include "gui/shutdownconfirmdialog.h"
 #include "gui/uithememanager.h"
-#include "gui/utils.h"
 #include "gui/windowstate.h"
 #endif // DISABLE_GUI
 
 #ifndef DISABLE_WEBUI
 #include "webui/webui.h"
+#ifdef DISABLE_GUI
+#include "base/utils/password.h"
+#endif
 #endif
 
 namespace
@@ -305,8 +307,8 @@ Application::Application(int &argc, char **argv)
     if (isFileLoggerEnabled())
         m_fileLogger = new FileLogger(fileLoggerPath(), isFileLoggerBackup(), fileLoggerMaxSize(), isFileLoggerDeleteOld(), fileLoggerAge(), static_cast<FileLogger::FileLogAgeType>(fileLoggerAgeType()));
 
-    if (m_commandLineArgs.webUiPort > 0) // it will be -1 when user did not set any value
-        Preferences::instance()->setWebUiPort(m_commandLineArgs.webUiPort);
+    if (m_commandLineArgs.webUIPort > 0) // it will be -1 when user did not set any value
+        Preferences::instance()->setWebUIPort(m_commandLineArgs.webUIPort);
 
     if (m_commandLineArgs.torrentingPort > 0) // it will be -1 when user did not set any value
     {
@@ -885,9 +887,18 @@ int Application::exec()
 #endif // DISABLE_GUI
 
 #ifndef DISABLE_WEBUI
+#ifndef DISABLE_GUI
         m_webui = new WebUI(this);
-#ifdef DISABLE_GUI
-        connect(m_webui, &WebUI::error, this, [](const QString &message) { fprintf(stderr, "%s\n", qUtf8Printable(message)); });
+#else
+        const auto *pref = Preferences::instance();
+
+        const QString tempPassword = pref->getWebUIPassword().isEmpty()
+                ? Utils::Password::generate() : QString();
+        m_webui = new WebUI(this, (!tempPassword.isEmpty() ? Utils::Password::PBKDF2::generate(tempPassword) : QByteArray()));
+        connect(m_webui, &WebUI::error, this, [](const QString &message)
+        {
+            fprintf(stderr, "WebUI configuration failed. Reason: %s\n", qUtf8Printable(message));
+        });
 
         printf("%s", qUtf8Printable(u"\n******** %1 ********\n"_s.arg(tr("Information"))));
 
@@ -905,12 +916,11 @@ int Application::exec()
                     , QString::number(m_webui->port()));
             printf("%s\n", qUtf8Printable(tr("To control qBittorrent, access the WebUI at: %1").arg(url)));
 
-            const Preferences *pref = Preferences::instance();
-            if (pref->getWebUIPassword() == QByteArrayLiteral("ARQ77eY1NUZaQsuDHbIMCA==:0WMRkYTUWVT9wVvdDtHAjU9b3b7uB8NR1Gur2hmQCvCDpm39Q+PsJRJPaCU51dEiz+dTzh8qbPsL8WkFljQYFQ=="))
+            if (!tempPassword.isEmpty())
             {
-                const QString warning = tr("The Web UI administrator username is: %1").arg(pref->getWebUiUsername()) + u'\n'
-                        + tr("The Web UI administrator password has not been changed from the default: %1").arg(u"adminadmin"_s) + u'\n'
-                        + tr("This is a security risk, please change your password in program preferences.") + u'\n';
+                const QString warning = tr("The WebUI administrator username is: %1").arg(pref->getWebUIUsername()) + u'\n'
+                        + tr("The WebUI administrator password was not set. A temporary password is provided for this session: %1").arg(tempPassword) + u'\n'
+                        + tr("You should set your own password in program preferences.") + u'\n';
                 printf("%s", qUtf8Printable(warning));
             }
         }
@@ -1357,3 +1367,10 @@ AddTorrentManagerImpl *Application::addTorrentManager() const
 {
     return m_addTorrentManager;
 }
+
+#ifndef DISABLE_WEBUI
+WebUI *Application::webUI() const
+{
+    return m_webui;
+}
+#endif

src/app/application.h

@@ -153,6 +153,9 @@ private slots:
 
 private:
     AddTorrentManagerImpl *addTorrentManager() const override;
+#ifndef DISABLE_WEBUI
+    WebUI *webUI() const override;
+#endif
 
     void initializeTranslation();
     void processParams(const QBtCommandLineParameters &params);

src/app/cmdoptions.cpp

@@ -329,7 +329,7 @@ QBtCommandLineParameters::QBtCommandLineParameters(const QProcessEnvironment &en
 #elif !defined(Q_OS_WIN)
     , shouldDaemonize(DAEMON_OPTION.value(env))
 #endif
-    , webUiPort(WEBUI_PORT_OPTION.value(env, -1))
+    , webUIPort(WEBUI_PORT_OPTION.value(env, -1))
     , torrentingPort(TORRENTING_PORT_OPTION.value(env, -1))
     , skipDialog(SKIP_DIALOG_OPTION.value(env))
     , profileDir(PROFILE_OPTION.value(env))
@@ -367,8 +367,8 @@ QBtCommandLineParameters parseCommandLine(const QStringList &args)
 #endif
             else if (arg == WEBUI_PORT_OPTION)
             {
-                result.webUiPort = WEBUI_PORT_OPTION.value(arg);
-                if ((result.webUiPort < 1) || (result.webUiPort > 65535))
+                result.webUIPort = WEBUI_PORT_OPTION.value(arg);
+                if ((result.webUIPort < 1) || (result.webUIPort > 65535))
                     throw CommandLineParameterError(QCoreApplication::translate("CMD Options", "%1 must specify a valid port (1 to 65535).")
                                                     .arg(u"--webui-port"_s));
             }
@@ -489,7 +489,7 @@ QString makeUsage(const QString &prgName)
 #endif
         + SHOW_HELP_OPTION.usage() + wrapText(QCoreApplication::translate("CMD Options", "Display this help message and exit")) + u'\n'
         + WEBUI_PORT_OPTION.usage(QCoreApplication::translate("CMD Options", "port"))
-        + wrapText(QCoreApplication::translate("CMD Options", "Change the Web UI port"))
+        + wrapText(QCoreApplication::translate("CMD Options", "Change the WebUI port"))
         + u'\n'
         + TORRENTING_PORT_OPTION.usage(QCoreApplication::translate("CMD Options", "port"))
         + wrapText(QCoreApplication::translate("CMD Options", "Change the torrenting port"))

src/app/cmdoptions.h

@@ -53,7 +53,7 @@ struct QBtCommandLineParameters
 #elif !defined(Q_OS_WIN)
     bool shouldDaemonize = false;
 #endif
-    int webUiPort = -1;
+    int webUIPort = -1;
     int torrentingPort = -1;
     std::optional<bool> skipDialog;
     Path profileDir;

src/base/interfaces/iapplication.h

@@ -36,6 +36,7 @@
 #include "base/pathfwd.h"
 
 class AddTorrentManager;
+class WebUI;
 struct QBtCommandLineParameters;
 
 #ifdef Q_OS_WIN
@@ -85,4 +86,7 @@ class IApplication
 #endif
 
     virtual AddTorrentManager *addTorrentManager() const = 0;
+#ifndef DISABLE_WEBUI
+    virtual WebUI *webUI() const = 0;
+#endif
 };

src/base/preferences.cpp

@@ -629,7 +629,7 @@ void Preferences::setSearchEnabled(const bool enabled)
     setValue(u"Preferences/Search/SearchEnabled"_s, enabled);
 }
 
-bool Preferences::isWebUiEnabled() const
+bool Preferences::isWebUIEnabled() const
 {
 #ifdef DISABLE_GUI
     const bool defaultValue = true;
@@ -639,41 +639,41 @@ bool Preferences::isWebUiEnabled() const
     return value(u"Preferences/WebUI/Enabled"_s, defaultValue);
 }
 
-void Preferences::setWebUiEnabled(const bool enabled)
+void Preferences::setWebUIEnabled(const bool enabled)
 {
-    if (enabled == isWebUiEnabled())
+    if (enabled == isWebUIEnabled())
         return;
 
     setValue(u"Preferences/WebUI/Enabled"_s, enabled);
 }
 
-bool Preferences::isWebUiLocalAuthEnabled() const
+bool Preferences::isWebUILocalAuthEnabled() const
 {
     return value(u"Preferences/WebUI/LocalHostAuth"_s, true);
 }
 
-void Preferences::setWebUiLocalAuthEnabled(const bool enabled)
+void Preferences::setWebUILocalAuthEnabled(const bool enabled)
 {
-    if (enabled == isWebUiLocalAuthEnabled())
+    if (enabled == isWebUILocalAuthEnabled())
         return;
 
     setValue(u"Preferences/WebUI/LocalHostAuth"_s, enabled);
 }
 
-bool Preferences::isWebUiAuthSubnetWhitelistEnabled() const
+bool Preferences::isWebUIAuthSubnetWhitelistEnabled() const
 {
     return value(u"Preferences/WebUI/AuthSubnetWhitelistEnabled"_s, false);
 }
 
-void Preferences::setWebUiAuthSubnetWhitelistEnabled(const bool enabled)
+void Preferences::setWebUIAuthSubnetWhitelistEnabled(const bool enabled)
 {
-    if (enabled == isWebUiAuthSubnetWhitelistEnabled())
+    if (enabled == isWebUIAuthSubnetWhitelistEnabled())
         return;
 
     setValue(u"Preferences/WebUI/AuthSubnetWhitelistEnabled"_s, enabled);
 }
 
-QVector<Utils::Net::Subnet> Preferences::getWebUiAuthSubnetWhitelist() const
+QVector<Utils::Net::Subnet> Preferences::getWebUIAuthSubnetWhitelist() const
 {
     const auto subnets = value<QStringList>(u"Preferences/WebUI/AuthSubnetWhitelist"_s);
 
@@ -690,7 +690,7 @@ QVector<Utils::Net::Subnet> Preferences::getWebUiAuthSubnetWhitelist() const
     return ret;
 }
 
-void Preferences::setWebUiAuthSubnetWhitelist(QStringList subnets)
+void Preferences::setWebUIAuthSubnetWhitelist(QStringList subnets)
 {
     subnets.removeIf([](const QString &subnet)
     {
@@ -713,27 +713,27 @@ void Preferences::setServerDomains(const QString &str)
     setValue(u"Preferences/WebUI/ServerDomains"_s, str);
 }
 
-QString Preferences::getWebUiAddress() const
+QString Preferences::getWebUIAddress() const
 {
     return value<QString>(u"Preferences/WebUI/Address"_s, u"*"_s).trimmed();
 }
 
-void Preferences::setWebUiAddress(const QString &addr)
+void Preferences::setWebUIAddress(const QString &addr)
 {
-    if (addr == getWebUiAddress())
+    if (addr == getWebUIAddress())
         return;
 
     setValue(u"Preferences/WebUI/Address"_s, addr.trimmed());
 }
 
-quint16 Preferences::getWebUiPort() const
+quint16 Preferences::getWebUIPort() const
 {
     return value<quint16>(u"Preferences/WebUI/Port"_s, 8080);
 }
 
-void Preferences::setWebUiPort(const quint16 port)
+void Preferences::setWebUIPort(const quint16 port)
 {
-    if (port == getWebUiPort())
+    if (port == getWebUIPort())
         return;
 
     // cast to `int` type so it will show human readable unit in configuration file
@@ -753,24 +753,22 @@ void Preferences::setUPnPForWebUIPort(const bool enabled)
     setValue(u"Preferences/WebUI/UseUPnP"_s, enabled);
 }
 
-QString Preferences::getWebUiUsername() const
+QString Preferences::getWebUIUsername() const
 {
     return value<QString>(u"Preferences/WebUI/Username"_s, u"admin"_s);
 }
 
-void Preferences::setWebUiUsername(const QString &username)
+void Preferences::setWebUIUsername(const QString &username)
 {
-    if (username == getWebUiUsername())
+    if (username == getWebUIUsername())
         return;
 
     setValue(u"Preferences/WebUI/Username"_s, username);
 }
 
 QByteArray Preferences::getWebUIPassword() const
 {
-    // default: adminadmin
-    const auto defaultValue = QByteArrayLiteral("ARQ77eY1NUZaQsuDHbIMCA==:0WMRkYTUWVT9wVvdDtHAjU9b3b7uB8NR1Gur2hmQCvCDpm39Q+PsJRJPaCU51dEiz+dTzh8qbPsL8WkFljQYFQ==");
-    return value(u"Preferences/WebUI/Password_PBKDF2"_s, defaultValue);
+    return value<QByteArray>(u"Preferences/WebUI/Password_PBKDF2"_s);
 }
 
 void Preferences::setWebUIPassword(const QByteArray &password)
@@ -833,40 +831,40 @@ void Preferences::setWebAPISessionCookieName(const QString &cookieName)
     setValue(u"WebAPI/SessionCookieName"_s, cookieName);
 }
 
-bool Preferences::isWebUiClickjackingProtectionEnabled() const
+bool Preferences::isWebUIClickjackingProtectionEnabled() const
 {
     return value(u"Preferences/WebUI/ClickjackingProtection"_s, true);
 }
 
-void Preferences::setWebUiClickjackingProtectionEnabled(const bool enabled)
+void Preferences::setWebUIClickjackingProtectionEnabled(const bool enabled)
 {
-    if (enabled == isWebUiClickjackingProtectionEnabled())
+    if (enabled == isWebUIClickjackingProtectionEnabled())
         return;
 
     setValue(u"Preferences/WebUI/ClickjackingProtection"_s, enabled);
 }
 
-bool Preferences::isWebUiCSRFProtectionEnabled() const
+bool Preferences::isWebUICSRFProtectionEnabled() const
 {
     return value(u"Preferences/WebUI/CSRFProtection"_s, true);
 }
 
-void Preferences::setWebUiCSRFProtectionEnabled(const bool enabled)
+void Preferences::setWebUICSRFProtectionEnabled(const bool enabled)
 {
-    if (enabled == isWebUiCSRFProtectionEnabled())
+    if (enabled == isWebUICSRFProtectionEnabled())
         return;
 
     setValue(u"Preferences/WebUI/CSRFProtection"_s, enabled);
 }
 
-bool Preferences::isWebUiSecureCookieEnabled() const
+bool Preferences::isWebUISecureCookieEnabled() const
 {
     return value(u"Preferences/WebUI/SecureCookie"_s, true);
 }
 
-void Preferences::setWebUiSecureCookieEnabled(const bool enabled)
+void Preferences::setWebUISecureCookieEnabled(const bool enabled)
 {
-    if (enabled == isWebUiSecureCookieEnabled())
+    if (enabled == isWebUISecureCookieEnabled())
         return;
 
     setValue(u"Preferences/WebUI/SecureCookie"_s, enabled);
@@ -885,14 +883,14 @@ void Preferences::setWebUIHostHeaderValidationEnabled(const bool enabled)
     setValue(u"Preferences/WebUI/HostHeaderValidation"_s, enabled);
 }
 
-bool Preferences::isWebUiHttpsEnabled() const
+bool Preferences::isWebUIHttpsEnabled() const
 {
     return value(u"Preferences/WebUI/HTTPS/Enabled"_s, false);
 }
 
-void Preferences::setWebUiHttpsEnabled(const bool enabled)
+void Preferences::setWebUIHttpsEnabled(const bool enabled)
 {
-    if (enabled == isWebUiHttpsEnabled())
+    if (enabled == isWebUIHttpsEnabled())
         return;
 
     setValue(u"Preferences/WebUI/HTTPS/Enabled"_s, enabled);
@@ -924,27 +922,27 @@ void Preferences::setWebUIHttpsKeyPath(const Path &path)
     setValue(u"Preferences/WebUI/HTTPS/KeyPath"_s, path);
 }
 
-bool Preferences::isAltWebUiEnabled() const
+bool Preferences::isAltWebUIEnabled() const
 {
     return value(u"Preferences/WebUI/AlternativeUIEnabled"_s, false);
 }
 
-void Preferences::setAltWebUiEnabled(const bool enabled)
+void Preferences::setAltWebUIEnabled(const bool enabled)
 {
-    if (enabled == isAltWebUiEnabled())
+    if (enabled == isAltWebUIEnabled())
         return;
 
     setValue(u"Preferences/WebUI/AlternativeUIEnabled"_s, enabled);
 }
 
-Path Preferences::getWebUiRootFolder() const
+Path Preferences::getWebUIRootFolder() const
 {
     return value<Path>(u"Preferences/WebUI/RootFolder"_s);
 }
 
-void Preferences::setWebUiRootFolder(const Path &path)
+void Preferences::setWebUIRootFolder(const Path &path)
 {
-    if (path == getWebUiRootFolder())
+    if (path == getWebUIRootFolder())
         return;
 
     setValue(u"Preferences/WebUI/RootFolder"_s, path);