/** * list client sessions * @param int $zoneid zone number * @return array|mixed */ public function listAction($zoneid = 0) { $mdlCP = new CaptivePortal(); $cpZone = $mdlCP->getByZoneID($zoneid); if ($cpZone != null) { $backend = new Backend(); $allClientsRaw = $backend->configdpRun("captiveportal list_clients", array($cpZone->zoneid, 'json')); $allClients = json_decode($allClientsRaw, true); return $allClients; } else { // illegal zone, return empty response return array(); } }
/** * logon client to zone, must use post type of request * @param int|string zone id number * @return array */ public function logonAction($zoneid = 0) { $clientIp = $this->getClientIp(); if ($this->request->isOptions()) { // return empty result on CORS preflight return array(); } elseif ($this->request->isPost()) { // close session for long running action $this->sessionClose(); // init variables for authserver object and name $authServer = null; $authServerName = ""; // get username from post $userName = $this->request->getPost("user", "striptags", null); // search zone info, to retrieve list of authenticators $mdlCP = new CaptivePortal(); $cpZone = $mdlCP->getByZoneID($zoneid); if ($cpZone != null) { if (trim((string) $cpZone->authservers) != "") { // authenticate user $isAuthenticated = false; $authFactory = new AuthenticationFactory(); foreach (explode(',', (string) $cpZone->authservers) as $authServerName) { $authServer = $authFactory->get(trim($authServerName)); // try this auth method $isAuthenticated = $authServer->authenticate($userName, $this->request->getPost("password", "string")); if ($isAuthenticated) { // stop trying, when authenticated break; } } } else { // no authentication needed, set username to "anonymous@ip" $userName = "******" . $clientIp; $isAuthenticated = true; } if ($isAuthenticated) { // when authenticated, we have $authServer available to request additional data if needed $clientSession = $this->clientSession((string) $cpZone->zoneid); if ($clientSession['clientState'] == 'AUTHORIZED') { // already authorized, return current session return $clientSession; } else { // allow client to this captiveportal zone $backend = new Backend(); $CPsession = $backend->configdpRun("captiveportal allow", array((string) $cpZone->zoneid, $userName, $clientIp, $authServerName, 'json')); $CPsession = json_decode($CPsession, true); // push session restrictions, if they apply if ($CPsession != null && array_key_exists('sessionId', $CPsession) && $authServer != null) { $authProps = $authServer->getLastAuthProperties(); // when adding more client/session restrictions, extend next code // (currently only time is restricted) if (array_key_exists('session_timeout', $authProps)) { $backend->configdpRun("captiveportal set session_restrictions", array((string) $cpZone->zoneid, $CPsession['sessionId'], $authProps['session_timeout'])); } } if ($CPsession != null) { // only return session if configd return a valid json response, otherwise fallback to // returning "UNKNOWN" return $CPsession; } } } else { return array("clientState" => 'NOT_AUTHORIZED', "ipAddress" => $clientIp); } } } return array("clientState" => 'UNKNOWN', "ipAddress" => $clientIp); }
/** * delete template by uuid * @param $uuid item unique id * @return array status */ public function delTemplateAction($uuid) { $result = array("result" => "failed"); if ($this->request->isPost()) { $mdlCP = new CaptivePortal(); if ($uuid != null) { if ($mdlCP->templates->template->del($uuid)) { // if item is removed, serialize to config and save $mdlCP->serializeToConfig(); Config::getInstance()->save(); $result['result'] = 'deleted'; } else { $result['result'] = 'not found'; } } } return $result; }
/** * toggle zone by uuid (enable/disable) * @param $uuid item unique id * @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle * @return array status */ public function toggleZoneAction($uuid, $enabled = null) { $result = array("result" => "failed"); if ($this->request->isPost()) { $mdlCP = new CaptivePortal(); if ($uuid != null) { $node = $mdlCP->getNodeByReference('zones.zone.' . $uuid); if ($node != null) { if ($enabled == "0" || $enabled == "1") { $node->enabled = (string) $enabled; } elseif ((string) $node->enabled == "1") { $node->enabled = "0"; } else { $node->enabled = "1"; } $result['result'] = $node->enabled; // if item has toggled, serialize to config and save $mdlCP->serializeToConfig(); Config::getInstance()->save(); } } } return $result; }
/** * logon client to zone, must use post type of request * @param string zone id number * @return array */ public function logonAction($zoneid = 0) { $clientIp = $this->getClientIp(); if ($this->request->isOptions()) { // return empty result on CORS preflight return array(); } elseif ($this->request->isPost() && $this->request->hasPost('user')) { // close session for long running action $this->sessionClose(); // get username from post $userName = $this->request->getPost("user", "striptags"); // search zone info, to retrieve list of authenticators $mdlCP = new CaptivePortal(); $cpZone = $mdlCP->getByZoneID($zoneid); if ($cpZone != null) { // authenticate user $isAuthenticated = false; $authFactory = new AuthenticationFactory(); foreach (explode(',', (string) $cpZone->authservers) as $authServerName) { $authServer = $authFactory->get(trim($authServerName)); // try this auth method $isAuthenticated = $authServer->authenticate($userName, $this->request->getPost("password", "string")); if ($isAuthenticated) { // stop trying, when authenticated break; } } if ($isAuthenticated) { // when authenticated, we have $authServer available to request additional data if needed $clientSession = $this->clientSession((string) $cpZone->zoneid); if ($clientSession['clientState'] == 'AUTHORIZED') { // already authorized, return current session return $clientSession; } else { // allow client to this captiveportal zone $backend = new Backend(); $CPsession = $backend->configdpRun("captiveportal allow", array((string) $cpZone->zoneid, $userName, $clientIp, $authServerName, 'json')); $CPsession = json_decode($CPsession, true); if ($CPsession != null) { // only return session if configd return a valid json response, otherwise fallback to // returning "UNKNOWN" return $CPsession; } } } else { return array("clientState" => 'NOT_AUTHORIZED', "ipAddress" => $clientIp); } } } return array("clientState" => 'UNKNOWN', "ipAddress" => $clientIp); }