alis/Sinatra
1
0
Fork 0
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: alis:3a58c19c441c88dd22b60e7d5d06b7a63488aa5d
Branches Tags
alis:main
..
compare: alis:9d6011126294a1d496bbef39aa577ccdfd3526be
Branches Tags
alis:main

No commits in common. "3a58c19c441c88dd22b60e7d5d06b7a63488aa5d" and "9d6011126294a1d496bbef39aa577ccdfd3526be" have entirely different histories.
3a58c19c44 ... 9d60111262

6 changed files with 23 additions and 105 deletions
Show Stats Expand all files Collapse all files

11
code/config.json Normal file
View File

@ -0,0 +1,11 @@
{
"ports": {
"radius_authentication": 1812,
"radius_accounting": 1813
},
"client_secret": "password",
"storage": "json:./data.json",
"default_vlan_enabled": true,
"default_vlan_id": 90,
"mac_auth_only": true
}

5
code/data.json
View File

@ -9,6 +9,11 @@
"username": "AB:CD:EF:12:34:56", "username": "AB:CD:EF:12:34:56",
"password": "AB:CD:EF:12:34:56", "password": "AB:CD:EF:12:34:56",
"vlan": "123" "vlan": "123"
},
{
"username": "abcdef123456",
"password": "abcdef123456",
"vlan": "123"
} }
] ]
} }

2
code/index.js
View File

@ -30,7 +30,6 @@ catch (error) {
client_secret: "password", client_secret: "password",
default_vlan_enabled: false, default_vlan_enabled: false,
mac_auth_only: false mac_auth_only: false
session_duration: 60
} }
} }
if (process.env['NETRADIUS_PORT_RADIUS_AUTH']) config.ports.radius_authentication = process.env['NETRADIUS_PORT_RADIUS_AUTH']; if (process.env['NETRADIUS_PORT_RADIUS_AUTH']) config.ports.radius_authentication = process.env['NETRADIUS_PORT_RADIUS_AUTH'];
@ -41,7 +40,6 @@ if (process.env['NETRADIUS_DEFAULT_VLAN']) config.default_vlan_enabled = process
if (process.env['NETRADIUS_DEFAULT_VLAN_ID']) config.default_vlan_id = process.env['NETRADIUS_DEFAULT_VLAN_ID']; if (process.env['NETRADIUS_DEFAULT_VLAN_ID']) config.default_vlan_id = process.env['NETRADIUS_DEFAULT_VLAN_ID'];
if (process.env['NETRADIUS_CLIENT_SECRET']) config.client_secret = process.env['NETRADIUS_CLIENT_SECRET']; if (process.env['NETRADIUS_CLIENT_SECRET']) config.client_secret = process.env['NETRADIUS_CLIENT_SECRET'];
if (process.env['NETRADIUS_MAC_AUTH_ONLY']) config.mac_auth_only = process.env['NETRADIUS_MAC_AUTH_ONLY']; if (process.env['NETRADIUS_MAC_AUTH_ONLY']) config.mac_auth_only = process.env['NETRADIUS_MAC_AUTH_ONLY'];
if (process.env['NETRADIUS_SESSION_DURATION']) config.session_duration = process.env['NETRADIUS_SESSION_DURATION'];
// Set defaults // Set defaults
if (!config.ports.radius_authentication) config.ports.radius_authentication = 1812; if (!config.ports.radius_authentication) config.ports.radius_authentication = 1812;

20
code/lib/data.js
View File

@ -1,5 +1,4 @@
const fs = require ('fs'); const fs = require ('fs');
const timeauth = require ('./time.js');
try { try {
var data = JSON.parse (fs.readFileSync ('./data.json').toString ()); var data = JSON.parse (fs.readFileSync ('./data.json').toString ());
@ -20,9 +19,7 @@ const persistData = () => {
content.users.push ({ content.users.push ({
username: user, username: user,
password: users[user].password, password: users[user].password,
vlan: users[user].vlan, vlan: users[user].vlan
description: users[user].description,
rules: users[user].rules
}); });
}); });
fs.writeFileSync ('./data.json', JSON.stringify (content, null, 2)); fs.writeFileSync ('./data.json', JSON.stringify (content, null, 2));
@ -32,9 +29,7 @@ users = {};
data.users.forEach ((e) => { data.users.forEach ((e) => {
users[e.username] = { users[e.username] = {
password: e.password, password: e.password,
vlan: e.vlan, vlan: e.vlan
description: e.description,
rules: e.rules
} }
}); });
@ -45,9 +40,6 @@ module.exports = {
password = password.toLowerCase ().replace (/[:-]/g, ''); password = password.toLowerCase ().replace (/[:-]/g, '');
} }
if (users[username] && users[username].password == password) { if (users[username] && users[username].password == password) {
// Check time
var rules = users[username].rules || [];
if (timeauth.checkAuth (rules)) {
return { return {
vlan: users[username].vlan vlan: users[username].vlan
}; };
@ -55,10 +47,6 @@ module.exports = {
else { else {
return false; return false;
} }
}
else {
return false;
}
}, },
createUser: (payload, callback) => { createUser: (payload, callback) => {
@ -71,13 +59,11 @@ module.exports = {
password = password.toLowerCase ().replace (/[:-]/g, ''); password = password.toLowerCase ().replace (/[:-]/g, '');
} }
var description = payload.description || ""; var description = payload.description || "";
var rules = payload.rules || [];
var vlan = payload.vlan; var vlan = payload.vlan;
users[username] = { users[username] = {
password: password, password: password,
vlan: vlan, vlan: vlan,
description: description, description: description
rules: rules
}; };
persistData (); persistData ();
callback ("OK\n\n", null); callback ("OK\n\n", null);

4
code/lib/handlers.js
View File

@ -18,7 +18,6 @@ module.exports = {
} }
var user = data.authUser (username, password); var user = data.authUser (username, password);
var vlan = false; var vlan = false;
var code = 'Access-Reject';
if (user) { if (user) {
log.write (username + " access granted to VLAN " + user.vlan); log.write (username + " access granted to VLAN " + user.vlan);
code = 'Access-Accept'; code = 'Access-Accept';
@ -43,8 +42,7 @@ module.exports = {
attributes: { attributes: {
"Tunnel-Medium-Type": 6, "Tunnel-Medium-Type": 6,
"Tunnel-Type": 13, "Tunnel-Type": 13,
"Tunnel-Private-Group-Id": vlan, "Tunnel-Private-Group-Id": vlan
"Session-Timeout": config.radius.session_duration || 60
} }
}); });
callback (response, null); callback (response, null);

80
code/lib/time.js
View File

@ -1,80 +0,0 @@
const rangeStringToArray = (str) => {
// Split the string by hyphen
const parts = str.split ("-");
// Validate input format (two numbers separated by hyphen)
if (parts.length !== 2 || isNaN (parts[0]) || isNaN (parts[1])) {
return null; // Return null for invalid format
}
// Convert strings to numbers
const start = parseInt (parts[0], 10);
const end = parseInt (parts[1], 10);
// Check if start is less than or equal to end (inclusive range)
if (start > end) {
return null; // Return null for invalid range
}
// Use Array.from() to create an array with sequence
return Array.from ({ length: end - start + 1 }, (_, i) => start + i);
};
const resolveRange = (str) => {
const numberSets = str.split (","); // Split by commas
const numbers = [];
for (const set of numberSets) {
// Check if it's a range
if (set.includes ("-")) {
const range = rangeStringToArray (set); // Use the previous function
if (range) {
numbers.push(...range); // Spread operator to add elements from range array
}
else {
const num = parseInt(set, 10);
// Check if conversion is successful (valid number)
if (!isNaN(num)) {
numbers.push(num);
}
}
}
}
return numbers;
}
module.exports = {
checkAuth: (rules = []) => {
var authorised = false;
if (rules.length > 0) {
var now = new Date ();
var minuteOfDay = (now.getHours () * 60) + now.getMinutes (); // 0 - 1439
var day = now.getDay (); // 1 - 7
var date = now.getDate (); // 1 - 31
var month = now.getMonth () + 1; // 1 - 12
var actions = [];
rules.forEach ((rule) => {
var valid = false;
// Process rule
var r = {
startMinute: parseInt (rule.startTime.split (":")[0] * 60) + parseInt (rule.startTime.split (":")[1]),
endMinute: parseInt (rule.endTime.split (":")[0] * 60) + parseInt (rule.endTime.split (":")[1]),
days: resolveRange (rule.weekdays),
dates: resolveRange (rule.dates),
months: resolveRange (rule.months)
}
if (
minuteOfDay >= r.startMinute &&
minuteOfDay <= r.endMinute &&
r.days.indexOf (day) !== -1 &&
r.dates.indexOf (date) !== -1 &&
r.months.indexOf (month) !== -1
) {
actions.push (rule.action.toLowerCase ());
}
});
if (actions.indexOf ("allow")) {
authorised = true;
}
if (actions.indexOf ("deny")) {
authorised = false;
}
}
return authorised;
}
}