From e34f156d0afe07a7591230be86ba7323eaeb0b28 Mon Sep 17 00:00:00 2001 From: Ibnu Maksum Date: Fri, 12 Jul 2024 13:45:32 +0700 Subject: [PATCH] add realm --- install/phpnuxbill.sql | 28 +++++++++++++++++++++++++++ radius.php | 43 ++++++++++++++++++++++++++++++++++++------ system/updates.json | 2 +- 3 files changed, 66 insertions(+), 7 deletions(-) diff --git a/install/phpnuxbill.sql b/install/phpnuxbill.sql index dcc48863..d3074192 100644 --- a/install/phpnuxbill.sql +++ b/install/phpnuxbill.sql @@ -205,6 +205,34 @@ CREATE TABLE `tbl_voucher` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; +DROP TABLE IF EXISTS `rad_acct`; +CREATE TABLE `rad_acct` ( + `id` bigint NOT NULL, + `acctsessionid` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `username` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `realm` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `nasid` varchar(32) COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `nasipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `nasportid` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, + `nasporttype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, + `framedipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', + `acctstatustype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, + `macaddr` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL, + `dateAdded` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci; + + +ALTER TABLE `rad_acct` + ADD PRIMARY KEY (`id`), + ADD KEY `username` (`username`), + ADD KEY `framedipaddress` (`framedipaddress`), + ADD KEY `acctsessionid` (`acctsessionid`), + ADD KEY `nasipaddress` (`nasipaddress`); + + +ALTER TABLE `rad_acct` + MODIFY `id` bigint NOT NULL AUTO_INCREMENT; + ALTER TABLE `tbl_appconfig` ADD PRIMARY KEY (`id`); diff --git a/radius.php b/radius.php index 399f814b..359dbb4a 100644 --- a/radius.php +++ b/radius.php @@ -23,15 +23,36 @@ if (empty($action)) { $code = 200; +//debug +// if (!empty($action)) { +// file_put_contents("$action.json", json_encode([ +// 'header' => $_SERVER, +// 'get' => $_GET, +// 'post' => $_POST, +// 'time' => time() +// ])); +// } + try { switch ($action) { case 'authenticate': $username = _req('username'); $password = _req('password'); + if (empty($username) || empty($password)) { + show_radius_result([ + "control:Auth-Type" => "Reject", + "reply:Reply-Message" => 'Login invalid' + ], 401); + } if ($username == $password) { $d = ORM::for_table('tbl_voucher')->where('code', $username)->find_one(); } else { $d = ORM::for_table('tbl_customers')->where('username', $username)->find_one(); + if ($d['password'] != $password) { + if ($d['pppoe_password'] != $password) { + unset($d); + } + } } if ($d) { header("HTTP/1.1 204 No Content"); @@ -47,7 +68,7 @@ try { $username = _req('username'); $password = _req('password'); $isVoucher = ($username == $password); - if (empty($username)) { + if (empty($username) || empty($password)) { show_radius_result([ "control:Auth-Type" => "Reject", "reply:Reply-Message" => 'Login invalid......' @@ -58,7 +79,9 @@ try { if (!$isVoucher) { $d = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one(); if ($d['password'] != $password) { - show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401); + if ($d['pppoe_password'] != $password) { + show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401); + } } } process_radiust_rest($tur, $code); @@ -89,11 +112,14 @@ try { show_radius_result(['Reply-Message' => 'Internet Plan Expired..'], 401); } } - die("hehe"); break; case 'accounting': $username = _req('username'); if (empty($username)) { + show_radius_result([ + "control:Auth-Type" => "Reject", + "reply:Reply-Message" => 'Username empty' + ], 200); die(); } header("HTTP/1.1 200 ok"); @@ -107,6 +133,7 @@ try { } $d->acctsessionid = _post('acctSessionId'); $d->username = $username; + $d->realm = _post('realm'); $d->nasipaddress = _post('nasip'); $d->nasid = _post('nasid'); $d->nasportid = _post('nasPortId'); @@ -116,6 +143,10 @@ try { $d->macaddr = _post('macAddr'); $d->dateAdded = date('Y-m-d H:i:s'); $d->save(); + show_radius_result([ + "control:Auth-Type" => "Accept", + "reply:Reply-Message" => 'Saved' + ], 200); break; } die(); @@ -126,7 +157,7 @@ try { $e->getTraceAsString(), $config['telegram_topik_error'] ); - show_radius_result(['Reply-Message' => 'Command Failed : '.$action], 401); + show_radius_result(['Reply-Message' => 'Command Failed : ' . $action], 401); } catch (Exception $e) { Message::sendTelegram( "Sistem Error.\n" . @@ -134,9 +165,9 @@ try { $e->getTraceAsString(), $config['telegram_topik_error'] ); - show_radius_result(['Reply-Message' => 'Command Failed : '.$action], 401); + show_radius_result(['Reply-Message' => 'Command Failed : ' . $action], 401); } -show_radius_result(['Reply-Message' => 'Invalid Command : '.$action], 401); +show_radius_result(['Reply-Message' => 'Invalid Command : ' . $action], 401); function process_radiust_rest($tur, $code) { diff --git a/system/updates.json b/system/updates.json index 618fac29..0ed14652 100644 --- a/system/updates.json +++ b/system/updates.json @@ -122,7 +122,7 @@ "ALTER TABLE `tbl_plans` ADD `on_logout` TEXT NULL DEFAULT NULL AFTER `on_login`;" ], "2024.7.6" : [ - "CREATE TABLE IF NOT EXISTS `rad_acct` ( `id` bigint NOT NULL, `acctsessionid` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `username` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasid` varchar(32) COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasportid` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `nasporttype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `framedipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '',`acctstatustype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `macaddr` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL, `dateAdded` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;", + "CREATE TABLE IF NOT EXISTS `rad_acct` ( `id` bigint NOT NULL, `acctsessionid` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `username` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `realm` varchar(128) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasid` varchar(32) COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '', `nasportid` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `nasporttype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `framedipaddress` varchar(15) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT '',`acctstatustype` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci DEFAULT NULL, `macaddr` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL, `dateAdded` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;", "ALTER TABLE `rad_acct` ADD PRIMARY KEY (`id`), ADD KEY `username` (`username`), ADD KEY `framedipaddress` (`framedipaddress`), ADD KEY `acctsessionid` (`acctsessionid`), ADD KEY `nasipaddress` (`nasipaddress`);", "ALTER TABLE `rad_acct` MODIFY `id` bigint NOT NULL AUTO_INCREMENT;" ]