Esempio n. 1
0
    def send_accept(self, req, nas, **args):
        service.incr_stat(service.STAT_AUTH_ACCEPT)
        reply = req.CreateReply()
        reply.source = req.source
        reply.code = packet.AccessAccept

        if args:
            reply.set_framed_ip_addr(args.get("ipaddr"))
            reply.set_filter_id(nas.vendor_id, args.get("bandcode"))
            reply.set_special_str(nas.vendor_id, "context",
                                  args.get("domain_code"))
            reply.set_special_int(nas.vendor_id, "input_max_limit",
                                  args.get("input_max_limit"))
            reply.set_special_int(nas.vendor_id, "output_max_limit",
                                  args.get("output_max_limit"))
            reply.set_special_str(nas.vendor_id, "input_rate_code",
                                  args.get("input_rate_code"))
            reply.set_special_str(nas.vendor_id, "output_rate_code",
                                  args.get("output_rate_code"))

        req.sock.sendto(reply.ReplyPacket(), reply.source)

        if is_debug():
            radiuslog.debug("[Auth] send an authentication accept,user[%s],nas[%s]"\
                %(req.get_username(),nas.ip_addr))
Esempio n. 2
0
    def send_accept(self,req,nas,**args):
        service.incr_stat(service.STAT_AUTH_ACCEPT)
        reply = req.CreateReply()
        reply.source = req.source
        reply.code=packet.AccessAccept

        if args:
            reply.set_framed_ip_addr(args.get("ipaddr"))
            reply.set_filter_id(nas.vendor_id,args.get("bandcode"))
            reply.set_special_str(nas.vendor_id,"context",args.get("domain_code"))
            reply.set_special_int(nas.vendor_id,"input_max_limit",args.get("input_max_limit"))
            reply.set_special_int(nas.vendor_id,"output_max_limit",args.get("output_max_limit"))
            reply.set_special_str(nas.vendor_id,"input_rate_code",args.get("input_rate_code"))
            reply.set_special_str(nas.vendor_id,"output_rate_code",args.get("output_rate_code"))

        req.sock.sendto(reply.ReplyPacket(), reply.source)     

        if is_debug():
            radiuslog.debug("[Auth] send an authentication accept,user[%s],nas[%s]"\
                %(req.get_username(),nas.ip_addr))
Esempio n. 3
0
    def process(self, req):
        attr_keys = req.keys()
        if is_debug():
            radiuslog.info("::Received an authentication request")
            radiuslog.info("Attributes: ")
            for attr in attr_keys:
                radiuslog.info("%s: %s" % (attr, req[attr]))

        nasaddr = req.get_nasaddr()
        macaddr = req.get_macaddr()
        nas = service.get_nas(nasaddr)

        # check roster
        if service.in_black_roster(macaddr):
            return self.send_reject(req, nas, 'user in black roster')

        vlanid, vlanid2 = req.get_vlanids()
        username1 = req.get_username()
        domain = None
        username2 = username1
        if "@" in username1:
            username2 = username1[:username1.index("@")]
            req["User-Name"] = username2
            domain = username1[username1.index("@") + 1:]

        if not service.user_exists(username2):
            return self.send_reject(req, nas, 'user not exists')

        user = service.get_user(username2)

        if user.status != 1:
            return self.send_reject(req, nas, 'Invalid user status')

        if domain and domain not in user.domain_code:
            return self.send_reject(req, nas, 'user domain does not match')

        if nasaddr not in service.get_nas_ips(user.node_id):
            return self.send_reject(req, nas, 'node does not match')

        if not utils.is_valid_date(user.auth_begin_date, user.auth_end_date):
            return self.send_reject(req, nas,
                                    'user is not effective or expired')

        userpwd = utils.decrypt(user.password)
        if not req.is_valid_pwd(userpwd):
            return self.send_reject(req, nas, 'user password does not match')

        uproduct = service.get_product(user.product_id)
        if not uproduct:
            return self.send_reject(req, nas, 'user product does not match')

        if uproduct.policy == service.POLICY_TIMING and user.time_length <= 0:
            return self.send_reject(req, nas,
                                    'user does not have the time length')

        if not self.verify_macaddr(user, macaddr):
            return self.send_reject(req, nas, 'user macaddr bind not match')

        valid_vlanid = self.verify_vlan(user, vlanid, vlanid2)
        if valid_vlanid == 1:
            return self.send_reject(req, nas, 'user vlanid does not match')
        elif valid_vlanid == 2:
            return self.send_reject(req, nas, 'user vlanid2 does not match')

        if user.concur_number > 0:
            if user.concur_number <= service.get_online_num(user.user_name):
                return self.send_reject(req, nas, 'user concur_number control')
        return self.send_accept(
            req, nas,
            **dict(ipaddr=user.ip_addr,
                   bandcode=uproduct.bandwidth_code,
                   input_max_limit=str(uproduct.input_max_limit),
                   output_max_limit=str(uproduct.output_max_limit),
                   input_rate_code=uproduct.input_rate_code,
                   output_rate_code=uproduct.output_rate_code,
                   domain_code=user.domain_code))
Esempio n. 4
0
    if len(results) >= 200:
        message = "Listen er begrenset til 200 termer"
    elif len(results) == 1:
        message = "Fant " + str(len(results)) + " term"
    elif results:
        message = "Fant " + str(len(results)) + " termer"
    else:
        message = "Fant ingen termer"

    return render_template('index.html', page=page, query=query,
                           mode=mode, option=option,
                           message=message, results=results)

@app.route("/dictionary/about", methods=['GET'])
def dict_about():
    return render_template('index.html', page='about')

@app.route("/dictionary/help", methods=['GET'])
def dict_help():
    return render_template('index.html', page='help')

@app.route("/dictionary/eng", methods=['GET'])
def dict_eng():
    return render_template('index.html', page='eng')

if __name__ == '__main__':
    if settings.is_debug():
        logger.info("DEBUG mode enabled")
        app.debug = True
    app.run(host='0.0.0.0', port=5000)
Esempio n. 5
0
    def process(self,req):
        attr_keys = req.keys()
        if is_debug():
            radiuslog.info("::Received an authentication request")
            radiuslog.info("Attributes: ")        
            for attr in attr_keys:
                radiuslog.info( "%s: %s" % (attr, req[attr]))

        nasaddr = req.get_nasaddr()
        macaddr = req.get_macaddr()
        nas = service.get_nas(nasaddr)

        # check roster 
        if service.in_black_roster(macaddr):
            return self.send_reject(req,nas,'user in black roster')

        vlanid,vlanid2 = req.get_vlanids()
        username1 = req.get_username()
        domain = None
        username2 = username1
        if "@" in username1:
            username2 = username1[:username1.index("@")]
            req["User-Name"] = username2
            domain = username1[username1.index("@")+1:]

        if not service.user_exists(username2):
            return self.send_reject(req,nas,'user not exists')

        user = service.get_user(username2)

        if user.status != 1:
            return self.send_reject(req,nas,'Invalid user status')          

        if domain and domain not in user.domain_code:
            return self.send_reject(req,nas,'user domain does not match')       

        if nasaddr not in service.get_nas_ips(user.node_id):   
            return self.send_reject(req,nas,'node does not match')

        if not utils.is_valid_date(user.auth_begin_date,user.auth_end_date):
            return self.send_reject(req,nas,'user is not effective or expired')

        userpwd = utils.decrypt(user.password)
        if not req.is_valid_pwd(userpwd):
            return self.send_reject(req,nas,'user password does not match')

        uproduct = service.get_product(user.product_id)
        if not uproduct:
            return self.send_reject(req,nas,'user product does not match')

        if uproduct.policy == service.POLICY_TIMING and user.time_length <= 0:
            return self.send_reject(req,nas,'user does not have the time length')

        if not self.verify_macaddr(user,macaddr):
            return self.send_reject(req,nas,'user macaddr bind not match')

        valid_vlanid = self.verify_vlan(user,vlanid,vlanid2)
        if valid_vlanid == 1:
            return self.send_reject(req,nas,'user vlanid does not match')            
        elif valid_vlanid == 2:
            return self.send_reject(req,nas,'user vlanid2 does not match')    

        if user.concur_number > 0:
            if user.concur_number <= service.get_online_num(user.user_name):
                return self.send_reject(req,nas,'user concur_number control')  
        return self.send_accept(req,nas,**dict(ipaddr=user.ip_addr,
                      bandcode=uproduct.bandwidth_code,
                      input_max_limit=str(uproduct.input_max_limit),
                      output_max_limit=str(uproduct.output_max_limit),
                      input_rate_code=uproduct.input_rate_code,
                      output_rate_code=uproduct.output_rate_code,
                      domain_code=user.domain_code))