Unix TimeStamp Based Login

Phil Mayers p.mayers at imperial.ac.uk
Mon May 14 14:25:10 CEST 2012


On 14/05/12 12:09, jomajo wrote:
> Hello Phil. Ofcourse it is not! I don't know (other people) but if they know
> any helpful information related with this, please let me know.

Ah, sorry, I'm confused - you're the same person!

>
> Can you share more information about Matthew lab ? How he's reserving a time
> slot and authenticating users with freeradius?
>
> This information would be really helpful, because I'm tying to achieve this
> too

So, in brief, you want something like this:

Let's say you have an SQL table:

username string, start_time integer, end_time integer

...and the start/end times are unix seconds-since-epoch. You could 
implement this as follows.

First, create three local attributes in raddb/dictionary:

ATTRIBUTE	Resv-Start-Time		3010	integer
ATTRIBUTE	Resv-End-Time		3011	integer
ATTRIBUTE	Resv-Cur-Time		3012	integer

Second, write an "unlang" policy in your virtual server like so:

authorize {
   ...
   update request {
     Resv-Start-Time := "%{sql:select start_time from resv where 
username='%{User-Name}'}"
     Resv-End-Time := "%{sql:select end_time from resv where 
username='%{User-Name}'}"
     Resv-Cur-Time := "%l"
   }

   if (Resv-Cur-Time < Resv-Start-Time) {
     reject
     update reply {
       Reply-Message := "your slot has not yet started"
     }
   }

   if (Resv-Cur-Time > Resv-End-Time) {
     reject
     update reply {
       Reply-Message := "your slot has finished"
     }
   }

   # you probably want to set the Session-Timeout so they get kicked off
   update reply {
     Session-Timeout := "%{expr:%{Resv-End-Time} - %{Resv-Cur-Time}}"
   }

   ...
}

Hopefully it's clear what this does, and how it works.


More information about the Freeradius-Users mailing list