Resolved issue #6

code/config.json

@@ -0,0 +1,11 @@
+{
+    "ports": {
+        "radius_authentication": 1812,
+        "radius_accounting": 1813 
+    },
+    "client_secret": "password",
+    "storage": "json:./data.json",
+    "default_vlan_enabled": true,
+    "default_vlan_id": 90,
+    "mac_auth_only": true
+}

code/data.json

@@ -6,8 +6,13 @@
       "vlan": "123"
     },
     {
-      "username": "test2",
+      "username": "AB:CD:EF:12:34:56",
-      "password": "test",
+      "password": "AB:CD:EF:12:34:56",
+      "vlan": "123"
+    },
+    {
+      "username": "abcdef123456",
+      "password": "abcdef123456",
       "vlan": "123"
     }
   ]

code/index.js

@@ -28,7 +28,8 @@ catch (error) {
         },
         storage: "json:./data.json",
         client_secret: "password",
-        default_vlan_enabled: false
+        default_vlan_enabled: false,
+        mac_auth_only: false
     }
 }
 if (process.env['NETRADIUS_PORT_RADIUS_AUTH']) config.ports.radius_authentication = process.env['NETRADIUS_PORT_RADIUS_AUTH'];
@@ -38,11 +39,12 @@ if (process.env['NETRADIUS_STORAGE']) config.storage = process.env['NETRADIUS_ST
 if (process.env['NETRADIUS_DEFAULT_VLAN']) config.default_vlan_enabled = process.env['NETRADIUS_DEFAULT_VLAN'];
 if (process.env['NETRADIUS_DEFAULT_VLAN_ID']) config.default_vlan_id = process.env['NETRADIUS_DEFAULT_VLAN_ID'];
 if (process.env['NETRADIUS_CLIENT_SECRET']) config.client_secret = process.env['NETRADIUS_CLIENT_SECRET'];
+if (process.env['NETRADIUS_MAC_AUTH_ONLY']) config.mac_auth_only = process.env['NETRADIUS_MAC_AUTH_ONLY'];
 
 // Set defaults
-config.ports.radius_authentication = 1812;
+if (!config.ports.radius_authentication) config.ports.radius_authentication = 1812;
-config.ports.radius_accounting = 1813;
+if (!config.ports.radius_accounting) config.ports.radius_accounting = 1813;
-config.ports.api = 8080;
+if (!config.ports.api) config.ports.api = 8080;
 
 // Display active configuration
 log.write ('Using configuration: ' + JSON.stringify (config));
@@ -113,8 +115,9 @@ http.createServer (function (req, res) {
     var endpoint = req.method + " " + url;
     switch (endpoint) {
 
+        // Used for docker healthcheck
         case "GET /health":
-            respond (res, "OK\n\n", 200);
+            respond (res, "OK", 200);
             break;
 
         case "GET /users":
@@ -147,24 +150,7 @@ http.createServer (function (req, res) {
             req.on ('end', () => {
                 handlers.user.create (payload, (status, err) => {
                     if (err) {
-                        respond (res, "Error\n\n", 500);
+                        respond (res, err, 500);
-                    }
-                    else {
-                        respond (res, status, 200);
-                    }
-                });
-            });
-            break;
-        
-        case "UPDATE /user":
-            var payload = '';
-            req.on ('data', chunk => {
-                payload += chunk.toString ();
-            });
-            req.on ('end', () => {
-                handlers.user.update (payload, (status, err) => {
-                    if (err) {
-                        respond (res, "Error\n\n", 500);
                     }
                     else {
                         respond (res, status, 200);
@@ -176,7 +162,7 @@ http.createServer (function (req, res) {
         case "DELETE /user":
             handlers.user.delete (req.url.substring (req.url.lastIndexOf ("/") + 1), (status, err) => {
                 if (err) {
-                    respond (res, "Error\n\n", 500);
+                    respond (res, err, 404);
                 }
                 else {
                     respond (res, status, 200);
@@ -185,7 +171,7 @@ http.createServer (function (req, res) {
             break;
 
         default:
-            respond (res, "Not found\n\n", 404);
+            respond (res, "Not found", 404);
 
     }
 }).listen (8080);

code/lib/data.js

@@ -35,6 +35,10 @@ data.users.forEach ((e) => {
 
 module.exports = {
     authUser: (username, password) => {
+        if (config.mac_auth_only) {
+            username = username.toLowerCase ().replace (/[:-]/g, '');
+            password = password.toLowerCase ().replace (/[:-]/g, '');
+        }
         if (users[username] && users[username].password == password) {
             return { 
                 vlan: users[username].vlan 
@@ -50,6 +54,10 @@ module.exports = {
             payload = JSON.parse (payload);
             var username = payload.username;
             var password = payload.password;
+            if (config.mac_auth_only) {
+                username = username.toLowerCase ().replace (/[:-]/g, '');
+                password = password.toLowerCase ().replace (/[:-]/g, '');
+            }
             var description = payload.description || "";
             var vlan = payload.vlan;
             users[username] = {
@@ -84,6 +92,9 @@ module.exports = {
     },
 
     getUser: (username, callback) => {
+        if (config.mac_auth_only) {
+            username = username.toLowerCase ().replace (/[:-]/g, '');
+        }
         try {
             var user = users[username];
             callback (user, null);
@@ -93,12 +104,11 @@ module.exports = {
         }
     },
 
-    updateUser: (payload, callback) => {
-        payload = JSON.parse (payload);
-        callback ("OK\n\n", null);
-    },
-
     deleteUser: (username, callback) => {
+        if (config.mac_auth_only) {
+            username = username.toLowerCase ().replace (/[:-]/g, '');
+        }
+        if (users[username]) {
             try {
                 delete users[username];
                 persistData ();
@@ -108,4 +118,8 @@ module.exports = {
                 callback (null, "Error");
             }
         }
+        else {
+            callback (null, "Not found");
+        }
+    }
 }

code/lib/handlers.js

@@ -12,6 +12,10 @@ module.exports = {
                 if (decoded.code == 'Access-Request') {
                     var username = decoded.attributes['User-Name'];
                     var password = decoded.attributes['User-Password'];
+                    if (config.mac_auth_only) {
+                        username = username.toLowerCase ().replace (/[:-]/g, '');
+                        password = password.toLowerCase ().replace (/[:-]/g, '');
+                    }
                     var user = data.authUser (username, password);
                     var vlan = false;
                     if (user) {
@@ -59,7 +63,6 @@ module.exports = {
         create: data.createUser,
         getall: data.getUsers,
         getone: data.getUser,
-        update: data.updateUser,
         delete: data.deleteUser
     }
 }