Development

2026-06-05 21:28:05 -04:00 · 2026-06-05 21:28:05 -04:00 · 47b0e98e31
commit 47b0e98e31
parent a6031616df
9 changed files with 304 additions and 0 deletions
--- a/docker/routlin-dash/app/pages/radius/action.py
+++ b/docker/routlin-dash/app/pages/radius/action.py
@ -8,9 +8,12 @@ from flask import Blueprint, request, redirect, flash, send_file, abort, jsonify
 from auth import require_level
 from config_utils import CONFIGS_DIR, load_config, record_group, diff_fields
 import mod_validation as validate
+import license

 _PAGE = Path(__file__).parent.name

+PRO_LICENSE = license.is_pro()
+
 bp = Blueprint(_PAGE, __name__)

 RADIUS_SECRET_FILE = Path(CONFIGS_DIR) / '.radius-secret'
@ -52,6 +55,27 @@ def options_save():
    return redirect(f'/{_PAGE}')


+@bp.route('/action/radius/auth_mode_save', methods=['POST'])
+@require_level('administrator')
+def auth_mode_save():
+    auth_mode = request.form.get('auth_mode', 'mab')
+    if auth_mode not in ('mab', 'eap_password', 'eap_credential'):
+        flash('Invalid authentication mode.', 'error')
+        return redirect(f'/{_PAGE}')
+    if auth_mode in ('eap_password', 'eap_credential') and not PRO_LICENSE:
+        flash('This authentication mode requires a Routlin Pro license.', 'error')
+        return redirect(f'/{_PAGE}')
+
+    cfg    = load_config()
+    before = copy.deepcopy(cfg.get('radius', {}).get('options', {}))
+    after  = {**before, 'auth_mode': auth_mode}
+    cfg.setdefault('radius', {})['options'] = after
+
+    changes = diff_fields(before, after)
+    flash(record_group(cfg, 'radius.options', 'auth_mode', auth_mode, changes, 'core apply'), 'success')
+    return redirect(f'/{_PAGE}')
+
+
@bp.route('/action/radius/default_rule_save', methods=['POST'])
@require_level('administrator')
 def default_rule_save():