Development

Matthew Grotke 2026-06-08 01:19:29 -04:00
parent f011594b04
commit b4e773c7b2
5 changed files with 32 additions and 7 deletions


@ -202,7 +202,7 @@
"input_type": "number", "input_type": "number",
"min": 0, "min": 0,
"value": "0", "value": "0",
"hint": "How long after creation an account is valid before it permanently expires. 0 = never expires." "hint": "How long before account permanently expires. 0 = never expires."
}, },
{ {
"type": "field", "type": "field",


@ -201,7 +201,7 @@
"input_type": "number", "input_type": "number",
"min": 0, "min": 0,
"value": "0", "value": "0",
"hint": "How long after creation an account is valid before it permanently expires. 0 = never expires." "hint": "How long before account permanently expires. 0 = never expires."
}, },
{ {
"type": "field", "type": "field",


@ -251,7 +251,7 @@
"input_type": "number", "input_type": "number",
"min": 0, "min": 0,
"value": "%RADIUS_DEFAULT_EXPIRATION_VALUE%", "value": "%RADIUS_DEFAULT_EXPIRATION_VALUE%",
"hint": "How long after creation an account is valid before it permanently expires. 0 = never expires." "hint": "How long before account permanently expires. 0 = never expires."
}, },
{ {
"type": "field", "type": "field",


@ -80,7 +80,10 @@ def _verify_credential(username, password, vlan_name):
return False return False
if row is None: if row is None:
return False return False
if row['session_seconds'] > 0 and (row['date_set'] + row['session_seconds']) < int(time.time()): now = int(time.time())
if row['session_seconds'] > 0 and (row['date_set'] + row['session_seconds']) < now:
return False
if row['expires_seconds'] > 0 and (row['date_set'] + row['expires_seconds']) < now:
return False return False
if row['digest_type'] == DIGEST_HASH_BCRYPT: if row['digest_type'] == DIGEST_HASH_BCRYPT:
try: try:
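Review bot: The new `expires_seconds` check measures the account lifetime from `row['date_set']`, the same column the session check above it uses, so anything that rewrites `date_set` also restarts the account's lifetime. If `date_set` is updated when a password is changed (the name suggests it, but the write path is outside this hunk), an account the form hint describes as permanently expiring gets a fresh lifetime on every password reset; a separate creation timestamp would avoid that. The comparison is also `< now` here while the cleanup script in this commit uses `<= ?`, so at the boundary second a login is accepted and its session is removed on the next cleanup run; `if row['expires_seconds'] > 0 and (row['date_set'] + row['expires_seconds']) <= now:` would make the two agree. `_verify_credential` starts and ends outside the hunk, so the query that produces `row` (and whether `expires_seconds` can be NULL in it) is not visible.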


@ -39,11 +39,23 @@ def main():
(now,), (now,),
) )
] ]
account_expired_ips = [
row["ip"]
for row in conn.execute(
"""SELECT s.ip FROM sessions s
JOIN credentials c ON s.credential_id = c.id
WHERE c.expires_seconds > 0
AND (c.date_set + c.expires_seconds) <= ?""",
(now,),
)
]
except sqlite3.OperationalError: except sqlite3.OperationalError:
conn.close() conn.close()
return return
if not expired_ips: all_ips = list(set(expired_ips + account_expired_ips))
if not all_ips:
conn.close() conn.close()
return return
@ -51,14 +63,24 @@ def main():
"DELETE FROM sessions WHERE expires_at IS NOT NULL AND expires_at <= ?", "DELETE FROM sessions WHERE expires_at IS NOT NULL AND expires_at <= ?",
(now,), (now,),
) )
if account_expired_ips:
conn.execute(
"""DELETE FROM sessions WHERE id IN (
SELECT s.id FROM sessions s
JOIN credentials c ON s.credential_id = c.id
WHERE c.expires_seconds > 0
AND (c.date_set + c.expires_seconds) <= ?)""",
(now,),
)
conn.commit() conn.commit()
conn.close() conn.close()
lines = "".join(f"disallow {ip}\n" for ip in expired_ips) lines = "".join(f"disallow {ip}\n" for ip in all_ips)
with open(QUEUE_FILE, "a") as f: with open(QUEUE_FILE, "a") as f:
f.write(lines) f.write(lines)
print(f"check_captive_users: queued disallow for {len(expired_ips)} expired session(s).") print(f"check_captive_users: queued disallow for {len(all_ips)} expired session(s) "
f"({len(expired_ips)} session timeout, {len(account_expired_ips)} account expired).")
if __name__ == "__main__": if __name__ == "__main__":
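Review bot: The new account-expiry SELECT sits inside the same `try` as the existing session-timeout query, and the `except sqlite3.OperationalError` after it closes the connection and returns without any output. On a database where `credentials.expires_seconds` or `sessions.credential_id` does not exist (no schema change is visible in this commit), the new query raises and the session-timeout cleanup that worked before silently stops, leaving expired sessions allowed. Giving the account-expiry query its own `try` that falls back to `account_expired_ips = []`, and reporting the error in the handler with something like `print(f"check_captive_users: query failed: {exc}")`, would keep the existing cleanup running and make the failure visible. Separately, `disallow` is queued per IP while the DELETE removes only the expired account's sessions, so if another live session can share that IP it would be blocked too; worth confirming against how `sessions.ip` is assigned. `main()` starts and ends outside these hunks.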