simplify Chap verify RadiusRest
61
radius.php
61
radius.php
@ -38,11 +38,30 @@ try {
|
||||
case 'authenticate':
|
||||
$username = _req('username');
|
||||
$password = _req('password');
|
||||
if (empty($username) || empty($password)) {
|
||||
show_radius_result([
|
||||
"control:Auth-Type" => "Reject",
|
||||
"reply:Reply-Message" => 'Login invalid'
|
||||
], 401);
|
||||
$CHAPassword = _req('CHAPassword');
|
||||
$CHAPchallenge = _req('CHAPchallenge');
|
||||
if (!empty($CHAPassword)) {
|
||||
$c = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
|
||||
//if verified
|
||||
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||
$password = $c['password'];
|
||||
$isVoucher = false;
|
||||
}else{
|
||||
// check if voucher
|
||||
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||
$isVoucher = true;
|
||||
$password = $username;
|
||||
} else {
|
||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (empty($username) || empty($password)) {
|
||||
show_radius_result([
|
||||
"control:Auth-Type" => "Reject",
|
||||
"reply:Reply-Message" => 'Login invalid......'
|
||||
], 401);
|
||||
}
|
||||
}
|
||||
if ($username == $password) {
|
||||
$d = ORM::for_table('tbl_voucher')->where('code', $username)->find_one();
|
||||
@ -68,22 +87,24 @@ try {
|
||||
$username = _req('username');
|
||||
$password = _req('password');
|
||||
$isVoucher = ($username == $password);
|
||||
$real = _req('CHAPassword');
|
||||
$challenge = _req('CHAPchallenge');
|
||||
if (!empty($real)) { //aktif hanya kalo chappasword ada isinya
|
||||
$dd = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
|
||||
$pwd = $dd['password']; //ambil password text
|
||||
$challenger = hex2bin(substr($challenge, 2)); //buang 0x
|
||||
$realr = substr($real, 2); //buang 0x lagi
|
||||
$chapid = substr($realr, 0, 2); //ambil chap-id dari chap-pass
|
||||
$chapidr = hex2bin($chapid); //konvert chap-id
|
||||
$result = $chapidr . $pwd . $challenger; //mix semua
|
||||
$response = $chapid . md5($result); //enkripsi lagi hasilnya trus di mix sama chap id
|
||||
if ($response != $realr) { //begal kalo hasil gak sama
|
||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||
$CHAPassword = _req('CHAPassword');
|
||||
$CHAPchallenge = _req('CHAPchallenge');
|
||||
if (!empty($CHAPassword)) {
|
||||
$c = ORM::for_table('tbl_customers')->select('password')->where('username', $username)->find_one();
|
||||
//if verified
|
||||
if (Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {
|
||||
$password = $c['password'];
|
||||
$isVoucher = false;
|
||||
}else{
|
||||
// check if voucher
|
||||
if (Password::chap_verify($username, $CHAPassword, $CHAPchallenge)) {
|
||||
$isVoucher = true;
|
||||
$password = $username;
|
||||
} else {
|
||||
show_radius_result(['Reply-Message' => 'Username or Password is wrong'], 401);
|
||||
}
|
||||
}
|
||||
|
||||
//if ($response == $realr) { echo 'ok betul 100'; }else{ echo 'salah'; } // untuk keperluan debug
|
||||
//if ($response == $CHAPr) { echo 'ok betul 100'; }else{ echo 'salah'; } // untuk keperluan debug
|
||||
} else { //kalo chappassword kosong brrti eksekusi yg ini
|
||||
|
||||
if (empty($username) || empty($password)) {
|
||||
|
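Review bot: In the CHAP branch of `case 'authenticate':` the row returned by `find_one()` is dereferenced without checking that a customer was found, and the empty-username check now runs only in the non-CHAP `else` branch. For an unknown or empty username `$c['password']` is not a real secret, so `Password::chap_verify()` is asked to verify against an empty value, and the voucher fallback then verifies against an empty `$username`; whether that can succeed depends on `chap_verify`, which is not shown on this page. I would reject an empty `$username` before the lookup and guard the first check as `if ($c && !empty($c['password']) && Password::chap_verify($c['password'], $CHAPassword, $CHAPchallenge)) {`. The CHAP failure reply also omits the `"control:Auth-Type" => "Reject"` entry that the non-CHAP reject sends. The same applies to the identical block in the second hunk, and both case bodies continue outside the hunks.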