def get(self): is_chap = self.settings.is_chap if not self.current_user: self.clear_all_cookies() self.redirect("/login") return try: qstr = self.get_secure_cookie("portal_qstr") wlan_params = self.get_wlan_params(qstr) self.syslog.info("wlan params:" + utils.safestr(wlan_params)) userIp = wlan_params.get("wlanuserip","") cli = PortalClient(secret=self.settings.share_secret) rl_req = PortalV2.newReqLogout( userIp,self.settings.share_secret,self.settings.ac_addr[0],chap=is_chap) rl_resp = yield cli.sendto(rl_req,self.settings.ac_addr) if rl_resp and rl_resp.errCode > 0: print cmcc.AckLogoutErrs[rl_resp.errCode] self.syslog.info('logout success') except Exception as err: self.syslog.error(u"disconnect error %s" % utils.safestr(err)) import traceback traceback.print_exc() finally: cli.close() self.clear_all_cookies() self.redirect("/login?%s"%(qstr),permanent=False)
def get(self): qstr = self.request.query wlan_params = self.get_wlan_params(qstr) if self.settings.debug: self.syslog.debug("Open portal auth page, wlan params:{0}".format(utils.safestr(wlan_params))) tpl = yield self.get_template_attrs(wlan_params.get("ssid", "default")) self.render(self.get_login_template(tpl['tpl_name']), msg=None, tpl=tpl, qstr=qstr, **wlan_params)
def get_policy_server(self): cache_key = "get_policy_server" _resp = portal_cache.get(cache_key) if _resp: if self.settings.debug: self.syslog.debug("query policy server request hit cache; key=%s" % cache_key) defer.returnValue(_resp) return nonce = str(time.time()) sign = self.mksign(params=[nonce]) reqdata = json.dumps(dict(nonce=nonce, sign=sign)) apiurl = "%s/plserver/query" % self.settings.apiurl if self.settings.debug: self.syslog.debug("start query policy server request (%s): %s" % (apiurl, reqdata)) resp = yield requests.post(apiurl, data=reqdata, headers={"Content-Type": ["application/json"]}) jsonresp = yield resp.json() if jsonresp['code'] == 1: log.err(jsonresp['msg']) defer.returnValue({}) if jsonresp['code'] == 0: self.syslog.info("query policy server success,{0}".format(utils.safestr(jsonresp))) portal_cache.set(cache_key, jsonresp, expire=60) defer.returnValue(jsonresp)
def get_ikuai_nas(self, gwid): cache_key = '{0}{1}'.format('get_ik_nas', gwid) _resp = portal_cache.get(cache_key) if _resp: if self.settings.debug: self.syslog.debug("query ik_nas request hit cache; key=%s" % cache_key) defer.returnValue(_resp) return sign = self.mksign(params=[gwid]) reqdata = json.dumps(dict(gwid=gwid, sign=sign)) apiurl = "%s/ikuai/query" % self.settings.apiurl if self.settings.debug: self.syslog.debug("start query ikuai nas request (%s): %s" % (apiurl, reqdata)) resp = yield requests.post(apiurl, data=reqdata, headers={"Content-Type": ["application/json"]}) jsonresp = yield resp.json() if jsonresp['code'] == 1: log.err(jsonresp['msg']) defer.returnValue({}) if jsonresp['code'] == 0: self.syslog.info("query ikuai nas success,{0}".format(utils.safestr(jsonresp))) portal_cache.set(cache_key, jsonresp['data'], expire=60) defer.returnValue(jsonresp['data'])
def papAuth(): try: cli = PortalClient(secret=secret, syslog=self.syslog) # req auth ra_req = PortalV2.newReqAuth( userIp, username, password, 0, None, secret, ac_addr[0], chap=False ) ra_resp = yield cli.sendto(ra_req, ac_addr) if ra_resp.errCode > 0: if ra_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return _err_msg = "{0},{1}".format(cmcc.AckAuthErrs[ra_resp.errCode], ra_resp.get_text_info()[0] or "") raise PortalError(_err_msg) # aff_ack aa_req = PortalV2.newAffAckAuth(userIp, secret, ac_addr[0], ra_req.serialNo, 0, chap=False) yield cli.sendto(aa_req, ac_addr, recv=False) self.syslog.info('Portal [username:%s] pap auth success' % _username) if self.settings.debug: self.syslog.debug('Portal [username:%s] pap auth login [cast:%s ms]' % ( _username, (time.time() - start_time) * 1000)) set_user_cookie() self.redirect(firsturl) except Exception as err: try: self.syslog.error("portal [username:%s] pap auth catch exception,%s" % ( _username, utils.safestr(err.message))) back_login(msg=u"portal pap auth error,%s" % utils.safestr(err.message)) except: back_login(msg=u"portal pap auth error,server process error") import traceback traceback.print_exc() finally: cli.close()
def chapAuth(): try: cli = PortalClient(secret=secret, syslog=self.syslog) rc_req = PortalV2.newReqChallenge(userIp,secret, chap=is_chap) rc_resp = yield cli.sendto(rc_req,ac_addr) if rc_resp.errCode > 0: if rc_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return raise PortalError(cmcc.AckChallengeErrs[rc_resp.errCode]) # req auth ra_req = PortalV2.newReqAuth( userIp, username, password, rc_resp.reqId, rc_resp.get_challenge(), secret, ac_addr[0], serialNo=rc_req.serialNo, chap=is_chap ) ra_resp = yield cli.sendto(ra_req,ac_addr) if ra_resp.errCode > 0: if ra_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return _err_msg = "{0},{1}".format(cmcc.AckAuthErrs[ra_resp.errCode], ra_resp.get_text_info()[0] or "") raise PortalError(_err_msg) # aff_ack aa_req = PortalV2.newAffAckAuth(userIp,secret,ac_addr[0],ra_req.serialNo,rc_resp.reqId, chap=is_chap) yield cli.sendto(aa_req,ac_addr,recv=False) self.syslog.info('Portal [username:{0}] chap auth success'.format(_username)) if self.settings.debug: self.syslog.debug('Portal [username:%s] chap auth login [cast:%s ms]' % ( _username, (time.time() - start_time) * 1000)) set_user_cookie() self.redirect(firsturl) except Exception as err: try: self.syslog.exception("Portal [username:%s] chap auth catch exception, %s" % ( _username, utils.safestr(err.message))) back_login(msg=u"Portal chap auth error,%s" % err.message) except: back_login(msg=u"Portal chap auth error,server process error") finally: cli.close()
def render_string(self, template_name, **template_vars): template_vars["xsrf_form_html"] = self.xsrf_form_html template_vars["current_user"] = self.current_user template_vars["login_time"] = self.get_secure_cookie("portal_logintime") template_vars["request"] = self.request template_vars["requri"] = "{0}://{1}".format(self.request.protocol, self.request.host) template_vars["handler"] = self template_vars["utils"] = utils try: mytemplate = self.tp_lookup.get_template(template_name) return mytemplate.render(**template_vars) except Exception as err: self.syslog.error("Render template error {0}".format(utils.safestr(err))) raise
def get(self): session_id = self.get_argument("session_id", None) if not session_id: self.write('20001') sign = self.mksign([session_id]) apiurl = "%s/session/exists" % self.settings.apiurl reqdata = json.dumps(dict(session_id=session_id,sign=sign), ensure_ascii=False) headers = {"Content-Type": ["application/json"]} resp = yield requests.post(apiurl, data=reqdata, headers=headers) if resp.code != 200: self.syslog.error("ikuai session exists error : {0}".format(repr(resp))) self.write("20001") return jsonresp = yield resp.json() if jsonresp['code'] == 1: self.syslog.error("ikuai session exists error : {0}".format(utils.safestr(jsonresp['msg']))) self.write("20001") return self.write('20000')
return for attempt in range(self.retry): self.syslog.info("Send portal packet times %s" % attempt) self.transport.write(str(req),(host,port)) now = time.time() waitto = now + self.timeout while now < waitto: if req.sid in self.results: defer.returnValue(self.results.pop(req.sid)) return else: now = time.time() yield sleep(0.002) continue raise Timeout("send packet timeout") def datagramReceived(self, datagram, (host, port)): try: if self.debug: print ":: Hexdump > %s"%hexdump(datagram,len(datagram)) resp = PortalV2(packet=datagram,secret=self.secret) self.results[resp.sid] = resp self.syslog.info(":: Received packet from AC %s >> %s " % ((host, port), repr(resp))) except Exception as err: self.syslog.error('Process packet error %s >> %s' % ((host, port), utils.safestr(err)))
def post(self): start_time = time.time() secret = self.settings.share_secret ac_addr = self.settings.ac_addr is_chap = self.settings.is_chap qstr = self.get_argument("qstr","") wlan_params = self.get_wlan_params(qstr) username = self.get_argument("username", None) password = self.get_argument("password", None) _username = username if self.settings.debug: self.syslog.debug("Start [username:%s] portal auth, wlan params:%s" % (_username, utils.safestr(wlan_params))) userIp = wlan_params.get('wlanuserip','') tpl = yield self.get_template_attrs(wlan_params.get("ssid", "default")) firsturl = tpl.get("home_page", "/?tpl_name=%s" % tpl.get('tpl_name', 'default')) def set_user_cookie(): self.set_secure_cookie("portal_user", _username, expires_days=1) self.set_secure_cookie("portal_logintime", utils.get_currtime(), expires_days=1) self.set_secure_cookie("portal_qstr", qstr, expires_days=1) @defer.inlineCallbacks def get_domain(ssid): sign = self.mksign(params=[ssid]) reqdata = json.dumps(dict(ssid=ssid, sign=sign)) apiurl = "%s/domain/query" % self.settings.apiurl if self.settings.debug: self.syslog.debug("start query domain request (%s): %s" % (apiurl, reqdata)) resp = yield httpclient.fetch(apiurl,postdata=reqdata, headers={"Content-Type": ["application/json"]}) jsonresp = json.loads(resp.body) if jsonresp['code'] == 1: self.syslog.error(jsonresp['msg']) defer.returnValue(jsonresp['domain']) return if jsonresp['code'] == 0: if self.settings.debug: self.syslog.debug("query domain success") defer.returnValue(jsonresp['domain']) def back_login(msg=u''): self.render(self.get_login_template(tpl['tpl_name']),tpl=tpl, msg=msg,qstr=qstr, **wlan_params) if not username or not password: back_login(msg=u"请输入用户名和密码") return # checkos cli_dev, cli_os = self.chk_os domain = yield get_domain(wlan_params.get("ssid", "default")) username = "******" % (username, cli_dev, cli_os, domain) #################################################################################### ## portal chap auth #################################################################################### @defer.inlineCallbacks def chapAuth(): try: cli = PortalClient(secret=secret, syslog=self.syslog) rc_req = PortalV2.newReqChallenge(userIp,secret, chap=is_chap) rc_resp = yield cli.sendto(rc_req,ac_addr) if rc_resp.errCode > 0: if rc_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return raise PortalError(cmcc.AckChallengeErrs[rc_resp.errCode]) # req auth ra_req = PortalV2.newReqAuth( userIp, username, password, rc_resp.reqId, rc_resp.get_challenge(), secret, ac_addr[0], serialNo=rc_req.serialNo, chap=is_chap ) ra_resp = yield cli.sendto(ra_req,ac_addr) if ra_resp.errCode > 0: if ra_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return _err_msg = "{0},{1}".format(cmcc.AckAuthErrs[ra_resp.errCode], ra_resp.get_text_info()[0] or "") raise PortalError(_err_msg) # aff_ack aa_req = PortalV2.newAffAckAuth(userIp,secret,ac_addr[0],ra_req.serialNo,rc_resp.reqId, chap=is_chap) yield cli.sendto(aa_req,ac_addr,recv=False) self.syslog.info('Portal [username:{0}] chap auth success'.format(_username)) if self.settings.debug: self.syslog.debug('Portal [username:%s] chap auth login [cast:%s ms]' % ( _username, (time.time() - start_time) * 1000)) set_user_cookie() self.redirect(firsturl) except Exception as err: try: self.syslog.exception("Portal [username:%s] chap auth catch exception, %s" % ( _username, utils.safestr(err.message))) back_login(msg=u"Portal chap auth error,%s" % err.message) except: back_login(msg=u"Portal chap auth error,server process error") finally: cli.close() #################################################################################### ## portal pap auth #################################################################################### @defer.inlineCallbacks def papAuth(): try: cli = PortalClient(secret=secret, syslog=self.syslog) # req auth ra_req = PortalV2.newReqAuth( userIp, username, password, 0, None, secret, ac_addr[0], chap=False ) ra_resp = yield cli.sendto(ra_req, ac_addr) if ra_resp.errCode > 0: if ra_resp.errCode == 2: set_user_cookie() self.redirect(firsturl) return _err_msg = "{0},{1}".format(cmcc.AckAuthErrs[ra_resp.errCode], ra_resp.get_text_info()[0] or "") raise PortalError(_err_msg) # aff_ack aa_req = PortalV2.newAffAckAuth(userIp, secret, ac_addr[0], ra_req.serialNo, 0, chap=False) yield cli.sendto(aa_req, ac_addr, recv=False) self.syslog.info('Portal [username:%s] pap auth success' % _username) if self.settings.debug: self.syslog.debug('Portal [username:%s] pap auth login [cast:%s ms]' % ( _username, (time.time() - start_time) * 1000)) set_user_cookie() self.redirect(firsturl) except Exception as err: try: self.syslog.error("portal [username:%s] pap auth catch exception,%s" % ( _username, utils.safestr(err.message))) back_login(msg=u"portal pap auth error,%s" % utils.safestr(err.message)) except: back_login(msg=u"portal pap auth error,server process error") import traceback traceback.print_exc() finally: cli.close() if is_chap: yield chapAuth() else: yield papAuth()
def post(url,data=None,**kwargs): return treq.post(url, data=safestr(data), pool=pool,data_to_body_producer=StringProducer,**kwargs)
def on_exception(self, err): self.syslog.error('Packet process error:%s' % utils.safestr(err))
self.transport.write(str(resp), (host, port)) except: pass def datagramReceived(self, datagram, (host, port)): ac = self.validAc(host) if not ac: return self.syslog.info('Dropping packet from unknown ac host ' + host) try: req = cmcc.PortalV2( secret=self.secret, packet=datagram, source=(host, port) ) self.syslog.info("Received portal packet from %s:%s: %s"%(host,port,utils.safestr(req))) if req.type in self.actions: self.actions[req.type](req,(host, port)) else: self.syslog.error('Not support packet from ac host ' + host) except Exception as err: self.syslog.error('Dropping invalid packet from %s: %s' % ((host, port), utils.safestr(err))) def on_exception(self, err): self.syslog.error('Packet process error:%s' % utils.safestr(err)) def run_normal(self): log.startLogging(sys.stdout) self.syslog.info('portal server listen %s' % self.portal_host) reactor.listenUDP(self.listen_port, self,interface=self.portal_host)