From 4b9cb27e5800c0be934b0916f1a3894ea6e9beac Mon Sep 17 00:00:00 2001
From: Gunnar Skjold <gunnar@origin.no>
Date: Tue, 11 Feb 2020 17:32:18 +0100
Subject: [PATCH] Disable web security if AP mode is triggered

---
 src/web/AmsWebServer.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/web/AmsWebServer.cpp b/src/web/AmsWebServer.cpp
index 06fa5546..d8c15b24 100644
--- a/src/web/AmsWebServer.cpp
+++ b/src/web/AmsWebServer.cpp
@@ -87,7 +87,7 @@ void AmsWebServer::setJson(StaticJsonDocument<500> json) {
 }
 
 bool AmsWebServer::checkSecurity(byte level) {
-	bool access = !config->hasConfig() || config->authSecurity < level;
+	bool access = WiFi.getMode() == WIFI_AP || !config->hasConfig() || config->authSecurity < level;
 	if(!access && config->authSecurity >= level && server.hasHeader("Authorization")) {
 		println(" forcing web security");
 		String expectedAuth = String(config->authUser) + ":" + String(config->authPass);