RADIUSdesk

logo
Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
radiusdesk:login_pages:otp [2023/01/25 17:53]
admin [OTP For User Registration] 		radiusdesk:login_pages:otp [2023/01/26 01:44] (current)
admin [Enable System To Send OTPs]
Line 4: Line 4:
   * A user will typically provide a **mobile number** or **email address**.   * A user will typically provide a **mobile number** or **email address**.
   * The system will then send a code to the mobile number using SMS or to the email address using an email.   * The system will then send a code to the mobile number using SMS or to the email address using an email.
-  * This code will be used to by the user to validate itself to the system.+  * This code will be used by the user to validate itself to the system.
   * As for February 2023 RADIUSdesk includes support for OTP verification for Captive Portal (Hotspot) users.   * As for February 2023 RADIUSdesk includes support for OTP verification for Captive Portal (Hotspot) users.
   * We support the following ways to send the OTP:   * We support the following ways to send the OTP:
Line 16: Line 16:
 ===== Enable System To Send OTPs ===== ===== Enable System To Send OTPs =====
   * In order for RADIUSdesk to send an OTP you have to configure the system to be able to send the OTP using email or SMS.   * In order for RADIUSdesk to send an OTP you have to configure the system to be able to send the OTP using email or SMS.
-  * RADIUSdesk allows for you to configure a system wide configuration but it also allows you to define per cloud setting which will take preference over they system wide settings.+  * RADIUSdesk allows for you to configure a system wide configuration but it also allows you to define per cloud settings which will take preference over the system wide settings.
   * See the following screenshot for the email configuration:   * See the following screenshot for the email configuration:
 {{:radiusdesk:login_pages:sendgrid_config.png?nolink|}} {{:radiusdesk:login_pages:sendgrid_config.png?nolink|}}
Line 48: Line 48:
         * Time limited. e.g. Session-Timeout should be 360 seconds (5minutes)         * Time limited. e.g. Session-Timeout should be 360 seconds (5minutes)
         * The bandwidth should be limited.         * The bandwidth should be limited.
-  * This will allow for the user that registers to obtain their email address but not much beyond that in terms of Internet connection. +  * This will allow for the user that registers to retrieve the OTP from their email but not much beyond that in terms of Internet connection. 
-  * +  * The email with the OTP will also contain a link which the user can click to confirm the OTP to the system. 
 +  * This makes is easy if the WebView with the Captive Portal Login Page closed while the user retrieved the OTP from their email.
  
 ===== OTP For Click To Connect ===== ===== OTP For Click To Connect =====
 {{:radiusdesk:login_pages:otp_click_to_connect.png?nolink|}} {{:radiusdesk:login_pages:otp_click_to_connect.png?nolink|}}
 +
 +  * With OTP for Click To Connect there are one of two options.
 +  * If you select the email option for the OTP, again you have to provide temporary Internet access to the user as with User Registration above.
 +  * If you select SMS option (the user's mobile number) you don't need to provide anything since the OTP will be delivered as an SMS.
 +  * We also again added a link in the email for the user to conveniently confirm the OTP by clicking on the link.  
 +
 +===== Some Technical Items =====
 +==== Expiry of the OTP ====
 +  * The current expiry time for an OTP is two minutes.
 +  * This can be adjusted by editing **/var/www/html/cake4/rd_cake/src/Controller/RegisterUsersController.php** and **/var/www/html/cake4/rd_cake/src/Controller/DataCollectortsController.php** files.
 +  * Look for this line and adjust acordingly.
 +<code php>
 +protected $valid_minutes = 2; //The time that an OTP will be valid (in minutes)
 +</code>
 +  * For the verification through the Email link we expire the OTP after** $valid_minutes times two**. (4minutes)
 +
 +==== Disconnecting Temp Connection ====
 +  * The URL link in the email will cause a redirect to a special CoovaChilli URL that will log the user out (http://1.0.0.0).
 +  * For this to happen the user should be connected to the Captive Portal so that this URL can log them out.
 +
 +<code php>
 +if($otp == $q_r->value){
 +    $success = true;
 +    $this->{'PermanentUserOtps'}->patchEntity($q_r, ['status' => 'otp_confirmed']);
 +    $this->{'PermanentUserOtps'}->save($q_r);
 +    $user_id = $q_r->permanent_user_id;
 +    $q_pu = $this->{'PermanentUsers'}->find()->where(['PermanentUsers.id' =>$user_id])->first();
 +        if($q_pu){
 + $this->{'PermanentUsers'}->patchEntity($q_pu, ['active' => 1]);
 + $this->{'PermanentUsers'}->save($q_pu);
 + }
 + $this->response = $this->response->withHeader('Location', "http://1.0.0.0");     
 +        return $this->response;
 +
 +}else{
 +
 +</code>
 +<WRAP center round important 100%>
 +We are still looking for a similar way to disconnect users on a Mikrotik based Hotspot.
 +</WRAP>
 +
 +
 +
 +
  
  
Last modified: 2023/01/25 17:53