search

coova / coova-chilli

CoovaChilli is an open-source software access controller for captive portal hotspots.
Other
520 stars 260 forks source link

Logon with ChilliController.js #110

Open holographix opened 9 years ago

holographix commented 9 years ago

I'm trying to logon through the JS Chilli Controller, but when I try to do so, all I get in response is an infamous ClientState=0.

for testing purposes, I'm using this simple web page:

        <html>
        <head>
            <title></title>
            <script type="text/javascript" src="ChilliLibrary.js"></script>
            <script type="text/javascript" src="chilliController.js"></script>
            <script type="text/javascript">
                chilliController.host = "192.168.10.1";
                chilliController.port = "3990";

                chilliController.onError = function(err) { console.log('err: ', err) } ;

                function connect() {
                    var username =  'usertest';
                    var password =  'passwd';
                    chilliController.logon( username , password ) ;
                }

            </script>
        </head>
        <body>
            <button onClick="connect();">TEST CONNECTION</button>
        </body>
        </html>

When I try to log in, with those credentials (usertest:passwd, that already work when I log on the traditional login form, provided by coova), I get a JSON Response with ClientState=0

chilliJSON: JSON reply received in 1100 ms
    version = 1.0
    clientState = 0
    challenge = c66e2dcc47c00928e696b995459ce7a5
    redir = [object Object]
      originalURL = http://google.com/
      redirectionURL = 
      logoutURL = http://192.168.10.1:3990/logoff
      ipAddress = 192.168.10.10
      macAddress = 66-09-28-8C-F9-33

does anybody know what could be the reason? Thx in advance.

irongomme commented 9 years ago

It is the same for me , I login with a server side generated URL

I'm doing this with PHP : 

$uamip = '192.168.182.1'; //Your UAMIP
$uamport = '3990'; //Your UAMPORT
$username = 'toto'; //Username for login
$password = 'code'; //Password associated to the username
$challenge = 'abcefghijklmnopqrstywxyz123456789'; //Your dynamic challenge
$chilli_secret = 'secret'; //Your chilli secret in your coovachilli configuration file

...

$hexchal = pack ("H32", $challenge);
$newchal = pack ("H*", md5($hexchal . $chilli_secret));
$response = md5("\0" . $password . $newchal);
$newpwd = pack("a32", $password);
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));

$authentification_url = 'http://' . $uamip . ':' . $uamport . '/logon';
$authentification_url.= '?username=' . urlencode($username);
$authentification_url.= '&response=' . urlencode($response);

Then you have to call this url and you should have a clientState = 1

holographix commented 9 years ago

I will give it a try, but unfortunately I have to make it work in javascript, since I'm not using apache/php on this project. But thanks anyway

greemlin commented 8 years ago

@holographix

Hi Aaron, I am facing the same with javascript and Chilli. Have you found out a solution?

sarfarazengglb commented 8 years ago

irongomme is right.It is working fine for me.You need to do some workaround to make it working.