Skip to content

WiFiDog Auth flow

Jump to bottom
sink edited this page Nov 16, 2024 · 1 revision

Auth flow

image

HTTP interface of the wifidog auth server.

Ping

Request URL

http://$auth_server:$port/ping?gw_id=$gw_id&sys_uptime=$sys_uptime&sys_memfree=$sys_memfree&sys_load=$sys_load&wifidog_uptime=$wifidog_uptime
Url Param Param Description wifidog version
gw_id wifi-dog gateway id v1
sys_uptime start up time of system v1
sys_memfree system memory free percent v1
sys_load system loadage v1
wifidog_uptime running time of wifi-dog gateway v1

Note: response is 'Pong ' with rules appended. rules is consist of host/network rule, ip white list, mac black list, mac white list and domain white list.

Login

Request URL

http://auth_server:port/login?gw_id=$gw_id&gw_address=$gw_address&gw_port=$gw_port&url=$url
Url Param Param Description wifidog version
gw_id wifi-dog gateway id v1
gw_address wifidog gateway address for redirect v1
gw_port wifidog gatewat port for redirect v1
url url accessed of user-endpoint v1

Note:

Upon successfull login, the client will be redirected to 'gateway/wifidog/auth?token=$token&url=$url' with HTTP code 302

Then gateway will request 'auth_server/auth/?stage=login&token=xxx', auth_server will return text like "Auth: 1".

Auth

Request URL

http://auth_server:port/auth?ip=$ip&mac=$mac&token=$tokrn&incoming=$incoming&outgoing=$outgoing&stage=$stage
Url Param Param Description wifidog version
ip user-endpoint ip address v1
mac user-endpoint mac address v1
token token is created by interface 'login' v1
incoming download Octets v1
outgoing upload Octets v1
stage stage of auth. value is 'login' 'logout' or 'counters' v1

Note:

  • 0 - AUTH_DENIED - User firewall users are deleted and the user removed. Client will be redirected to auth_server/gw_message.php?message=denied
  • 6 - AUTH_VALIDATION_FAILED - User email validation timeout has occured and user/firewall is deleted. Client will be redirected to auth_server/gw_message.php?message=failed_validation
  • 1 - AUTH_ALLOWED - User was valid, add firewall rules if not present. Client will be redirected to auth_server/portal/?gw_id=xxx
  • 5 - AUTH_VALIDATION - Permit user access to email to get validation email under default rules. Client will access /gw_message.php?message=activate
  • -1 - AUTH_ERROR - An error occurred during the validation process. Gateway will show error in this page(gateway/wifidog/auth?token=xxx), no redirect.

Portal

Request URL

http://auth_server:port/portal?gw_id=$gw_id
Url Param Param Description wifidog version
gw_id wifidog gateway id v1

Note: this request will be redirect to fixed URL config or AD page for AD impression with HTTP code 302

Clone this wiki locally