NavGuard

[florian-senn]

Unauthorized users only can visit MainPage and Login

[tbnobody]

But I want non-authorized users to visit the info views.
If you don't want this, just deactivate this setting:

On the other hand, the backend is still readable with your PR. Just the frontend prevents the route access.

[florian-senn]

Unter der Route "/" ist ja die Live-Ansicht, diese ist dadurch noch zugänglich. Aber ja, es schützt nur das Frontend.

[3DJupp]

Hey, I mean, thats always something that should be taken care of. I recommend to use Cloudflare Access or any other kind of reverse proxy for remote access, so the ESP will not host anything in the web. For accessing the ESP in a dedicated VLAN i could allow or block certain protocols and ports.

[stefan123t]

@florian-senn we introduced the AuthenticationManager with ESPAsyncWebServer in #2320.
Is this PR still needed or would you prefer to implement your changes based on the current master / trunk ?

[florian-senn]

I've to take a closer look, as I haven't followed recent development further :-)