def post(self, *args, **kwargs):
start_time = time.time()
username = self.get_argument("username", None)
password = self.get_argument("password", None)
domain = self.get_argument("domain", None)
mac = self.get_argument("mac", None)
vlanid1, vlanid2 = 0, 0
cli_dev, cli_os = self.chk_os
isChap = 0
chapId = 0
chapPasswdHex = 'null'
challengeHex = 'null'
gwid = self.get_argument("gwid")
user_ip = self.get_argument("user_ip")
end_url = "{0}://{1}/ikend".format(self.request.protocol, self.request.host)
callback_url = self.get_argument("callback_url")
iknas = yield self.get_ikuai_nas(gwid)
nasaddr = iknas.get("nas_addr", '0.0.0.0')
reqdata = dict(
userName=username,
password=password,
domain=domain,
macAddr=mac,
nasAddr=nasaddr,
vlanId1=vlanid1,
vlanId2=vlanid2,
deviceType=cli_dev,
os=cli_os,
isChap=isChap,
chapId=chapId,
chapPasswdHex=chapPasswdHex,
challengeHex=challengeHex,
)
jsonresp = yield self.policy_auth(reqdata, test=False)
if jsonresp['code'] == 1:
self.render_error(msg=jsonresp['msg'])
return
if self.settings.debug:
self.syslog.debug('ikauth login cast:%s' % (time.time() - start_time))
cparams = dict(
user_id=username,
user_ip=user_ip,
upload=0,
download=0,
phone='',
name='',
comment='',
type='portal',
session_id=utils.get_uuid(),
timestamp=int(time.time())
)
session = dict(
username=username,
nas_addr=nasaddr,
session_id=cparams["session_id"],
start_time=utils.get_currtime(),
ipaddr=user_ip,
macaddr=mac,
input_total=0,
output_total=0
)
session['sign'] = self.mksign(session.values())
_apiurl = "%s/session/add" % self.settings.apiurl
se_resp = yield requests.post(_apiurl,
data=json.dumps(session, ensure_ascii=False),
headers={"Content-Type": ["application/json"]})
if se_resp.code != 200:
self.syslog.error("ikuai session create error : {0}".format(repr(se_resp)))
self.render_error(msg=u"认证失败,创建会话失败")
return
param_str = urllib.urlencode(cparams)
param_str = "{0}&mac={1}".format(param_str, mac)
token = md5("{0}&key={1}".format(param_str, iknas.get('api_key'))).hexdigest()
enc = base64.encodestring(param_str)
full_url = "{0}?ver=1&enc={1}&token={2}&end_url={3}".format(callback_url.strip(), enc, token, end_url)
self.syslog.info("[username:{0}] callback {1}".format(username, full_url))
if self.settings.debug:
self.syslog.debug('ikportal auth cast:%s' % (time.time() - start_time))
self.redirect(full_url)
def set_user_cookie():
self.set_secure_cookie("portal_user", _username, expires_days=1)
self.set_secure_cookie("portal_logintime", utils.get_currtime(), expires_days=1)
self.set_secure_cookie("portal_qstr", qstr, expires_days=1)
