Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal manual logout page address

    Scheduled Pinned Locked Moved Captive Portal
    105 Posts 15 Posters 57.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      EMWEE
      last edited by

      if ($writecfg == true)
                          write_config();
      
                  $timeout = 0;
                  if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                          $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                          setcookie("cookie_portal", $sessionid, $timeout);
                  } else
                          setcookie("cookie_portal", $sessionid, $timeout);   
      ```Line 2086 in http://pastebin.com/BUstXyr1\. Thats where the cookie is set. The other 2 changes are the functions: already_connected and portal_reply_page
      
      What i didnt find in this topic is what version of pfSense are you using? I tried GertJan's code for 2.1.5 at first and when i got that working i tried to copy it to a 2.2 box…it didnt worked. I just replaced the function by hand in the original captiveportal.inc and index.php files instead of replacing the whole file. Maby you can try that.
      
      Post your captiveportal.inc again to see whats wrong.
      1 Reply Last reply Reply Quote 0
      • A
        amitaussie
        last edited by

        Hi Gertjan & EMWEE!

        At last I got it working…..

        Problem was the 3rd change in captiveportal.inc file.

        1. Replace the entire function portal_allow(…) with this one : http://pastebin.com/jDHVaNwf (actually, I just added nearly at the bottom one line:

        setcookie("cookie_portal", $sessionid);

        If I copy entire mentioned 3rd function from Gertjan's http://pastebin.com/jDHVaNwf then it is giving that error
        "Fatal error: Call to undefined function sqlite_escape_string() in /etc/inc/captiveportal.inc"
        I copied first 2 functions entirely from Gertjan's pastebin but in last 3rd function I added a line as suggested by gertjan "setcookie("cookie_portal", $sessionid);" in function portal_allow(…) after line...(as told by Gertjan earlier. so do not copy 3rd function entirely from pastebin)

        if ($writecfg == true)
        write_config();
        setcookie("cookie_portal", $sessionid);

        CP page is showing and "log out page" some times appears and some time not but I can recall "log out page" by entering address "192.168.100.1:8002" in url anytime and it also gets disconnected if hit logout button so its working.
        Only 1 problem is left "log out page" gets redirected after entering user name and password so it does not appear always as it should. I have also updated my pastebin files.
        /etc/inc/captiveportal.inc- http://pastebin.com/BUstXyr1
        /usr/local/captiveportal/index.php- http://pastebin.com/ffj69qAb

        But at last great work and great support…..

        Thanks & Regards

        amitaussie

        1 Reply Last reply Reply Quote 0
        • E
          EMWEE
          last edited by

          
                  $timeout = 0;
                  if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                          $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                          setcookie("cookie_portal", $sessionid, $timeout);
                  } else
                          setcookie("cookie_portal", $sessionid, $timeout); 
          

          Dont know if this works…i only have

          setcookie("cookie_portal", $sessionid)
          

          "log out page" some times appears and some time not

          It should give you a logout page when u revisit 192.168.100.1:8002 and when u have a cookie.

          So no cookie = no logout.

          But I can recall "log out page" by entering address "192.168.100.1:8002" in url anytime and it also gets disconnected if hit logout button so its working.

          This is the opposit of what you stated above….

          Only 1 problem is left "log out page" gets redirected after entering user name and password so it does not appear always as it should.

          So your logout page shows up right after u logged in?

          1 Reply Last reply Reply Quote 0
          • A
            amitaussie
            last edited by

            "log out page" some times appears and some time not

            By this I want to say that after log in via CP, log out page does not appear as it should, rather I am redirected to intended site. Like if I start to use internet and want to browse google, CP page comes in, I log in , now log out page should appear but it does not, I am redirected to google site and when I need to log out I has to recall log out page. but sometimes I dont get redirected to intended site instead log out page remains.
            cookies are enabled in my browser by default. but log out page should come if cookies are disabled too. is int it?

            Thanks & Regards
            amitaussie

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan
              last edited by

              @amitaussie:

              By this I want to say that after log in via CP, log out page does not appear as it should, rather I am redirected to intended site.

              This is ok and normal.

              That's why I tell about it on my login page -

              Btw: as said before, the original patches were valid for 2.1.5.
              To make them work on 2.2 you just can't copy entire functions drom (my) pastbin.org - you should have putting in the replacements. The is because other stuff changed also, remember 2.1.5 is not 2.2 - many lines have changed.
              By putting in 2.1.5 functions, you downgraded your 2.2 - and that can give strange results, or worse.
              I should have post diff files on pastebin - or files for each version.

              @amitaussie:

              ….
              cookies are enabled in my browser by default. but log out page should come if cookies are disabled too. is int it?

              Not possible.
              No cookie = logout page can't pop up.
              Just check the code yourself : the cookie has to be found.
              The cookie contains your sessionid
              The sessionsid is looked up in the users database.
              If its found, a logout page is produced and you can see it.

              Btw: IF your are logged in - and you accept cookies, the visiting this page 192.168.100.1:8002 (on your pfSEnse box) will produce the logout page.

              This:

                      $timeout = 0;
                      if (!empty($config['captiveportal'][$cpzone]['timeout']) && is_numeric($config['captiveportal'][$cpzone]['timeout'])) {
                              $timeout = time() + $config['captiveportal'][$cpzone]['timeout'] * 60;
                              setcookie("cookie_portal", $sessionid, $timeout);
                      } else
                              setcookie("cookie_portal", $sessionid, $timeout); 
              
              

              is the nearly same thing as this:

              setcookie("cookie_portal", $sessionid, 0);
              

              The difference is that I test first if a hard timeout is set on the portal interface (in minutes).
              If it exists, its used to set the max live of the cookie, because, the user will be disconnected after that time. No need to keep the cookie alive after that. It will die by itself.
              If the hard timeout isn't set, then a normal

              setcookie("cookie_portal", $sessionid, 0);
              

              will be used, which is the same as:

              setcookie("cookie_portal", $sessionid);
              

              Anyway, since I discovered that CNA is bugging all this severely, I'm still trying to mix up "IP/MAC and cookie" logout …. works is still in progress.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • A
                amitaussie
                last edited by

                Hi Gertjan!

                Thanks for the explanation.

                It would be better if it can work on 2.2 too.

                Thanks & Regards!

                amitaussie

                1 Reply Last reply Reply Quote 0
                • E
                  EMWEE
                  last edited by

                  It does work on 2.2. Just do the same thing. But dont copy the whole files…just insert the needed parts.

                  If you want to be redirected to the logout page right after you logged in you can simply enter the redirected url in the GUI.

                  I use this to be redirected to the coporate website.

                  1 Reply Last reply Reply Quote 0
                  • A
                    amitaussie
                    last edited by

                    Hi!

                    Yes, it is working in 2.2!

                    But I found a problem I dont know if I am right?

                    I am browsing internet after log in via CP login page, I want to log out, I recall log out page 192.168.100.1:8002, it comes,  but if I close the browser without logging out and later on when I try to log out by recalling log out page, I am redirected to CP Login page and after entering credentials then only I am redirected to log out page.

                    Problem is if I am already logged in and I want to log out by recalling 192.168.100.1:8002, then log out page should come, not CP log in page. isnt it?

                    1 Reply Last reply Reply Quote 0
                    • GertjanG
                      Gertjan
                      last edited by

                      @amitaussie:

                      I am browsing internet after log in via CP login page, I want to log out, I recall log out page 192.168.100.1:8002, it comes,  but if I close the browser without logging out and later on when I try to log out by recalling log out page, I am redirected to CP Login page and after entering credentials then only I am redirected to log out page.

                      This is by design  ;)
                      I already talked about setcookie() and how the browser handles cookies.
                      Read again: http://php.net/manual/en/function.setcookie.php
                      And this time, see what the THIRD parameter does: expire.

                      Remember :

                      setcookie("cookie_portal", $sessionid);
                      

                      is the same thing as

                      setcookie("cookie_portal", $sessionid, 0);
                      

                      What you described in your question:

                      The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. Or you might use mktime(). time()+606024*30 will set the cookie to expire in 30 days. If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes).

                      So => closing browser == cookie destroyed == no more log out page.
                      This means you have to walk through the login again to get a cookie to be able to logout.
                      Exactly as you found out.

                      A solution might:

                      setcookie("cookie_portal", $sessionid, time()+strtotime("+1 day"));
                      

                      This cookie will be persistent for one day.

                      No "help me" PM's please. Use the forum, the community will thank you.
                      Edit : and where are the logs ??

                      1 Reply Last reply Reply Quote 0
                      • A
                        amitaussie
                        last edited by

                        Hi Gertjan!

                        This solution is perfect now, I hope! working great in 2.2!

                        setcookie("cookie_portal", $sessionid, time()+strtotime("+1 day"));

                        For one day it is ok.
                        Testing it further to see if there's anything to improve (hopefully nothing :))

                        Thanks & Regards

                        1 Reply Last reply Reply Quote 0
                        • GertjanG
                          Gertjan
                          last edited by

                          @amitaussie:

                          ….
                          Testing it further to see if there's anything to improve (hopefully nothing :))

                          Ok, good.
                          I conclude that you do not use any smartphones like Androids en iDevices (iPhone, iPads) on your portal network ?
                          Because they use CNA 'navigator' which will discard the cookie on login …..
                          This means that, as you said already, people have to re-login with their 'real' browser to get a cookie - to be able to log out ....

                          No "help me" PM's please. Use the forum, the community will thank you.
                          Edit : and where are the logs ??

                          1 Reply Last reply Reply Quote 0
                          • A
                            amitaussie
                            last edited by

                            Hi!

                            Well…

                            People do use smartphones to browse internet in my network. So you mean to say they won't be able to access log out page...oh! ok. If it can be solved then its great! Otherwise not a big issue as everyone uses his own smartphone etc. and if they are not served a log out page.

                            Thanks & Regards!

                            1 Reply Last reply Reply Quote 0
                            • D
                              doktornotor Banned
                              last edited by

                              @amitaussie:

                              So you mean to say they won't be able to access log out page…oh! ok. If it can be solved then its great! Otherwise not a big issue as everyone uses his own smartphone etc. and if they are not served a log out page.

                              No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.

                              1 Reply Last reply Reply Quote 0
                              • A
                                amitaussie
                                last edited by

                                Hi!

                                oh ! Is this CNA browser feature offered by Apple IOS only ? As I have checked with my Samsung mobile, i am offered my CP login page and after log in, I am able to browse and recall log out page. Its working in Samsung mobile.

                                Do i have to install any other browser in Apple devices to bypass this CNA feature, like chrome etc.?

                                Thanks & Regards!

                                amitaussie

                                1 Reply Last reply Reply Quote 0
                                • D
                                  doktornotor Banned
                                  last edited by

                                  @amitaussie:

                                  Do i have to install any other browser in Apple devices to bypass this CNA feature, like chrome etc.?

                                  Will not help. The only way to avoid this junk is to avoid CP detection altogether.

                                  1 Reply Last reply Reply Quote 0
                                  • E
                                    EMWEE
                                    last edited by

                                    No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.

                                    When i login via CNA everything works fine. I just use the less secure IP/MAC solution.

                                    1 Reply Last reply Reply Quote 0
                                    • D
                                      doktornotor Banned
                                      last edited by

                                      @EMWEE:

                                      I just use the less secure IP/MAC solution.

                                      Yeah, so what exactly does this have to do with the manual logout page?

                                      1 Reply Last reply Reply Quote 0
                                      • E
                                        EMWEE
                                        last edited by

                                        @doktornotor:

                                        No, no, no… you misunderstood that issue. They will be logged out as soon as they've logged in via the crippled CNA "browser". They need to use their real browser to log in if they want to continue browsing.

                                        They won't be logout…they r just not getting the cookie (or am I missing something). So I use the IP/MACso users can use CNA or browser.

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          doktornotor Banned
                                          last edited by

                                          This entire thread has been discussing how to log out people by using a cookie. So yeah, you can use CNA just fine if you not using logout, just don't get why are you discussing this on a CP manual logout thread…

                                          1 Reply Last reply Reply Quote 0
                                          • E
                                            EMWEE
                                            last edited by

                                            @doktornotor:

                                            This entire thread has been discussing how to log out people by using a cookie. So yeah, you can use CNA just fine if you not using logout, just don't get why are you discussing this on a CP manual logout thread…

                                            No its not. It been discussed using IP/MAC too at the first page..and this does work with CNA.  Im just stating this since the cookie solution is troublesome for phones/tablets.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.