forms: Add configuration to enable external access

After discussion in the Discord server, and some internal discussion,
this was deemed a reasonable patch for various security concerns. This
basically controls whether obs-websocket binds to 127.0.0.1 or 0.0.0.0.

I decided to have obs-websocket bind to 127.0.0.1 by default, since
most users appear to be using obs-websocket on the same machines as
their client software. This will be changed if it poses significant
support-related issues.

Further security solutions have been discussed, but are either a heavy
amount of work, or significantly impact client applications' connect
flows.

One idea that I should mention is like a cookie system, where:
- On first connect, obs-websocket asks the user to approve the
connection.
- After authentication, obs-websocket gives the client a token in the
`Identified` message, which the client stores.
- On future connects, the client uses this token, along with the
password, to authenticate without needing user confirmation.

This system will likely be implemented in a future version of
obs-websocket.

Closes #907

data/locale/en-US.ini

@@ -9,11 +9,14 @@ OBSWebSocket.Settings.DebugEnable="Enable Debug Logging"
 OBSWebSocket.Settings.DebugEnableHoverText="Enables debug logging for the current instance of OBS. Does not persist on load.\nUse --websocket_debug to enable on load."
 
 OBSWebSocket.Settings.ServerSettingsTitle="Server Settings"
+OBSWebSocket.Settings.ServerPort="Server Port"
+OBSWebSocket.Settings.AllowExternal="Allow External Access"
+OBSWebSocket.Settings.AllowExternalHoverText="Allows clients from outside this computer to connect to obs-websocket."
 OBSWebSocket.Settings.AuthRequired="Enable Authentication"
 OBSWebSocket.Settings.Password="Server Password"
 OBSWebSocket.Settings.GeneratePassword="Generate Password"
-OBSWebSocket.Settings.ServerPort="Server Port"
 OBSWebSocket.Settings.ShowConnectInfo="Show Connect Info"
+OBSWebSocket.Settings.ShowConnectInfoHoverText="Connect Info is not available if external connections are disabled."
 OBSWebSocket.Settings.ShowConnectInfoWarningTitle="Warning: Currently Live"
 OBSWebSocket.Settings.ShowConnectInfoWarningMessage="It appears that an output (stream, recording, etc.) is currently active."
 OBSWebSocket.Settings.ShowConnectInfoWarningInfoText="Are you sure that you want to show your connect info?"

src/forms/SettingsDialog.cpp

@@ -52,7 +52,9 @@ SettingsDialog::SettingsDialog(QWidget* parent) :
 	setWindowFlags(windowFlags() & ~Qt::WindowContextHelpButtonHint);
 
 	// Set the appropriate tooltip icon for the theme
-	ui->enableDebugLoggingToolTipLabel->setText(GetToolTipIconHtml());
+	QString toolTipHtml = GetToolTipIconHtml();
+	ui->enableDebugLoggingToolTipLabel->setText(toolTipHtml);
+	ui->allowExternalToolTipLabel->setText(toolTipHtml);
 
 	connect(sessionTableTimer, &QTimer::timeout,
 		this, &SettingsDialog::FillSessionTable);
@@ -83,18 +85,8 @@ void SettingsDialog::showEvent(QShowEvent *)
 		return;
 	}
 
-	ui->enableWebSocketServerCheckBox->setChecked(conf->ServerEnabled);
-	ui->enableSystemTrayAlertsCheckBox->setChecked(conf->AlertsEnabled);
-	ui->enableDebugLoggingCheckBox->setChecked(conf->DebugEnabled);
-	ui->enableAuthenticationCheckBox->setChecked(conf->AuthRequired);
-	ui->serverPasswordLineEdit->setText(conf->ServerPassword);
-	ui->serverPasswordLineEdit->setEnabled(conf->AuthRequired);
-	ui->generatePasswordButton->setEnabled(conf->AuthRequired);
-	ui->serverPortSpinBox->setValue(conf->ServerPort);
-
-	if (conf->PortOverridden) {
+	if (conf->PortOverridden)
 		ui->serverPortSpinBox->setEnabled(false);
-	}
 
 	if (conf->PasswordOverridden) {
 		ui->enableAuthenticationCheckBox->setEnabled(false);
@@ -104,7 +96,7 @@ void SettingsDialog::showEvent(QShowEvent *)
 
 	passwordManuallyEdited = false;
 
-	FillSessionTable();
+	RefreshData();
 
 	sessionTableTimer->start(1000);
 }
@@ -125,6 +117,31 @@ void SettingsDialog::ToggleShowHide()
 		setVisible(false);
 }
 
+void SettingsDialog::RefreshData()
+{
+	auto conf = GetConfig();
+	if (!conf) {
+		blog(LOG_ERROR, "[SettingsDialog::RefreshData] Unable to retreive config!");
+		return;
+	}
+
+	ui->enableWebSocketServerCheckBox->setChecked(conf->ServerEnabled);
+	ui->enableSystemTrayAlertsCheckBox->setChecked(conf->AlertsEnabled);
+	ui->enableDebugLoggingCheckBox->setChecked(conf->DebugEnabled);
+	ui->serverPortSpinBox->setValue(conf->ServerPort);
+	ui->allowExternalCheckBox->setChecked(!conf->BindLoopback);
+	ui->enableAuthenticationCheckBox->setChecked(conf->AuthRequired);
+	ui->serverPasswordLineEdit->setText(conf->ServerPassword);
+
+	ui->showConnectInfoButton->setEnabled(!conf->BindLoopback);
+	ui->serverPasswordLineEdit->setEnabled(conf->AuthRequired);
+	ui->generatePasswordButton->setEnabled(conf->AuthRequired);
+
+	ui->showConnectInfoButton->setToolTip(ui->allowExternalCheckBox->isChecked() ? "" : obs_module_text("OBSWebSocket.Settings.ShowConnectInfoHoverText"));
+
+	FillSessionTable();
+}
+
 void SettingsDialog::DialogButtonClicked(QAbstractButton *button)
 {
 	if (button == ui->buttonBox->button(QDialogButtonBox::Ok)) {
@@ -173,17 +190,20 @@ void SettingsDialog::SaveFormData()
 
 	bool needsRestart = (conf->ServerEnabled != ui->enableWebSocketServerCheckBox->isChecked()) ||
 						(ui->enableAuthenticationCheckBox->isChecked() && conf->ServerPassword != ui->serverPasswordLineEdit->text()) ||
+						(conf->BindLoopback == ui->allowExternalCheckBox->isChecked()) ||
 						(conf->ServerPort != ui->serverPortSpinBox->value());
 
 	conf->ServerEnabled = ui->enableWebSocketServerCheckBox->isChecked();
 	conf->AlertsEnabled = ui->enableSystemTrayAlertsCheckBox->isChecked();
 	conf->DebugEnabled = ui->enableDebugLoggingCheckBox->isChecked();
+	conf->ServerPort = ui->serverPortSpinBox->value();
+	conf->BindLoopback = !ui->allowExternalCheckBox->isChecked();
 	conf->AuthRequired = ui->enableAuthenticationCheckBox->isChecked();
 	conf->ServerPassword = ui->serverPasswordLineEdit->text();
-	conf->ServerPort = ui->serverPortSpinBox->value();
 
 	conf->Save();
 
+	RefreshData();
 	connectInfo->RefreshData();
 
 	if (needsRestart) {

src/forms/SettingsDialog.h

@@ -37,6 +37,7 @@ public:
 	void showEvent(QShowEvent *event);
 	void hideEvent(QHideEvent *event);
 	void ToggleShowHide();
+	void RefreshData();
 
 private Q_SLOTS:
 	void DialogButtonClicked(QAbstractButton *button);

src/forms/SettingsDialog.ui

@@ -155,21 +155,21 @@
         </property>
        </widget>
       </item>
-      <item row="1" column="1">
+      <item row="3" column="1">
        <widget class="QCheckBox" name="enableAuthenticationCheckBox">
         <property name="text">
          <string>OBSWebSocket.Settings.AuthRequired</string>
         </property>
        </widget>
       </item>
-      <item row="2" column="0">
+      <item row="4" column="0">
        <widget class="QLabel" name="serverPasswordLabel">
         <property name="text">
          <string>OBSWebSocket.Settings.Password</string>
         </property>
        </widget>
       </item>
-      <item row="2" column="1">
+      <item row="4" column="1">
        <layout class="QHBoxLayout" name="horizontalLayout">
         <item>
          <widget class="QLineEdit" name="serverPasswordLineEdit">
@@ -187,7 +187,7 @@
         </item>
        </layout>
       </item>
-      <item row="3" column="0">
+      <item row="5" column="0">
        <spacer name="horizontalSpacer_2">
         <property name="orientation">
          <enum>Qt::Horizontal</enum>
@@ -203,13 +203,47 @@
         </property>
        </spacer>
       </item>
-      <item row="3" column="1">
+      <item row="5" column="1">
        <widget class="QPushButton" name="showConnectInfoButton">
         <property name="text">
          <string>OBSWebSocket.Settings.ShowConnectInfo</string>
         </property>
        </widget>
       </item>
+      <item row="1" column="1">
+       <layout class="QHBoxLayout" name="horizontalLayout_3">
+        <item>
+         <widget class="QCheckBox" name="allowExternalCheckBox">
+          <property name="text">
+           <string>OBSWebSocket.Settings.AllowExternal</string>
+          </property>
+         </widget>
+        </item>
+        <item>
+         <widget class="QLabel" name="allowExternalToolTipLabel">
+          <property name="toolTip">
+           <string>OBSWebSocket.Settings.AllowExternalHoverText</string>
+          </property>
+          <property name="text">
+           <string/>
+          </property>
+         </widget>
+        </item>
+        <item>
+         <spacer name="horizontalSpacer_4">
+          <property name="orientation">
+           <enum>Qt::Horizontal</enum>
+          </property>
+          <property name="sizeHint" stdset="0">
+           <size>
+            <width>40</width>
+            <height>20</height>
+           </size>
+          </property>
+         </spacer>
+        </item>
+       </layout>
+      </item>
      </layout>
     </widget>
    </item>

src/websocketserver/WebSocketServer.cpp

@@ -142,7 +142,7 @@ void WebSocketServer::Start()
 		blog(LOG_INFO, "[WebSocketServer::Start] Locked to IPv4 bindings.");
 	} else {
 		_server.listen(conf->ServerPort, errorCode);
-		blog(LOG_INFO, "[WebSocketServer::Start] Not locked to IPv4 bindings.");
+		blog(LOG_INFO, "[WebSocketServer::Start] Bound to all interfaces.");
 	}
 
 	if (errorCode) {