lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-17 01:54:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

(captiveportal, new) work in progress access controller

Browse Source
This commit is contained in:
Ad Schellevis 2015-09-29 15:17:26 +00:00
parent ecf96ebfda
commit 12a12e9c6c
1 changed files with 62 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
View File

@ -81,7 +81,7 @@ class AccessController extends ApiControllerBase
}
/**
* reconfigure captive portal
* logon client to zone, must use post type of request
* @param string zone id number
* @return array
*/
@ -90,10 +90,13 @@ class AccessController extends ApiControllerBase
if ($this->request->isOptions()) {
// return empty result on CORS preflight
return array();
} elseif (true || $this->request->isPost()) {
} elseif ($this->request->isPost() && $this->hasPost('user')) {
// close session for long running action
$this->sessionClose();
// get username from post
$userName = $this->request->getPost("user", "striptags");
// search zone info, to retrieve list of authenticators
$mdlCP = new CaptivePortal();
$cpZone = $mdlCP->getByZoneID($zoneid);
@ -105,7 +108,7 @@ class AccessController extends ApiControllerBase
$authServer = $authFactory->get(trim($authServerName));
// try this auth method
$isAuthenticated = $authServer->authenticate(
$this->request->getPost("user", "striptags"),
$userName,
$this->request->getPost("password", "string")
);
@ -114,23 +117,26 @@ class AccessController extends ApiControllerBase
break;
}
}
$isAuthenticated = true;
if ($isAuthenticated) {
// when authenticated, we have $authServer available to request additional data if needed
$clientSession = $this->clientSession((string)$cpZone->zoneid);
if ($clientSession['clientState'] == 'AUTHORIZED') {
// already authorized, return current session
return $clientSession;
} else {
// allow client to
// allow client to this captiveportal zone
$backend = new Backend();
$CPsession = $backend->configdpRun(
"captiveportal allow",
array($zoneid, 'json')
array((string)$cpZone->zoneid, $userName, $this->request->getClientAddress(), 'json')
);
return json_decode($CPsession);
$CPsession = json_decode($CPsession, true);
if ($CPsession != null) {
// only return session if configd return a valid json response, otherwise fallback to
// returning "UNKNOWN"
return $CPsession;
}
}
} else {
return array("clientState" => 'NOT_AUTHORIZED',
@ -144,4 +150,51 @@ class AccessController extends ApiControllerBase
"ipAddress" => $this->request->getClientAddress()
);
}
/**
* logoff client
* @param string zone id number
* @return array
*/
public function logoffAction($zoneid = 0)
{
if ($this->request->isOptions()) {
// return empty result on CORS preflight
return array();
} else {
$this->sessionClose();
$clientSession = $this->clientSession((string)$zoneid);
if ($clientSession['clientState'] == 'AUTHORIZED') {
// you can only disconnect a connected client
$backend = new Backend();
$statusRAW = $backend->configdpRun(
"captiveportal disconnect",
array($zoneid, $clientSession['sessionId'], 'json')
);
$status = json_decode($statusRAW, true);
if ($status != null) {
return $status;
}
}
}
return array("clientState" => "UNKNOWN", "ipAddress" => $this->request->getClientAddress());
}
/**
* retrieve session info
* @param string zone id number
* @return array
*/
public function statusAction($zoneid = 0)
{
if ($this->request->isOptions()) {
// return empty result on CORS preflight
return array();
} elseif ($this->request->isPost() || $this->request->isGet()) {
$this->sessionClose();
$clientSession = $this->clientSession((string)$zoneid);
return $clientSession;
}
}
}