Captive portal manual logout page address

brinch

Ok, i understand.

But there me be a very easy way to write a simple php page that directly log out the user who launches it. No pop up, no confirmation button.

http://mypfsense:8004/logout.php

Just a function that get the session id and kill the current session.

I tried to code something with the elements you gave, but it didn't work ...

Gertjan

@brinch said in Captive portal manual logout page address:

I tried to code something with the elements you gave, but it didn't work ...

You should :
Obtain user's IP and MAC (see /usr/local/captiveportal/index.php how to get the, it's easy.

Use this to get the session ID :

Use https://github.com/pfsense/pfsense/blob/fb249aefa378172d6c246e62d15a8da40d80c5b6/src/etc/inc/captiveportal.inc#L2834 to get the session entry.

$cpentry[5] should contain the session ID.

Now call https://github.com/pfsense/pfsense/blob/fb249aefa378172d6c246e62d15a8da40d80c5b6/src/etc/inc/captiveportal.inc#L1214 using this session ID.

brinch

This post is deleted!

Gertjan

This worked for me :

<?php

require_once("captiveportal.inc");
require_once("auth.inc");
require_once("functions.inc");

global $g, $config, $cpzone, $cpzoneid;

/* Are there any portals  ? */
if (is_array($config['captiveportal'])) {
	/* For every portal (cpzone), do */
	foreach ($config['captiveportal'] as $cpkey => $cp)
		/* Sanity check */
		if (is_array($config['captiveportal'][$cpkey])) 
			/* Is zone enabled ? */
			if (array_key_exists('enable', $config['captiveportal'][$cpkey])) {
				$cpzone = $cpkey;
				$cpzoneid = $cp['zoneid'];
				$client_ip = $_SERVER['REMOTE_ADDR'];
				$cpentry = array();
				$cpentry = captiveportal_isip_logged($client_ip);
				if ( array_key_exists(5, $cpentry) ) {
				captiveportal_disconnect_client($cpentry[5], 1, "USER LOGOUT");
				}
			}
	}
?>

Note : the $cpzone should be set to the actual captive portal zone instance name !
( I'll update this post later on so the code will scan over all active captive portal zone instances )

When I visited this /logout.php page, I was logged out.

edit : code updated.

brinch

@Gertjan

Thank you very much, it does the trick.

Have a good day

Gertjan

I just updated the code ^^

netx34

any tutorial process to input this code? or edit and add
thanks in advance ive got this issue with my client users for how many months.

Gertjan

@netx34 said in Captive portal manual logout page address:

any tutorial process to input this code? or edit and add

Yep.

Place (create) it here : /usr/local/captiveportal
Call the file "logout.php".

Note : this is NOT a file you can upload into the pfSense Captive Pprtal's file manager !!

Now you can use
http://portal.mypfsense.tld:8004/logout.php
or
http://192.168.2.1:8004/logout.php

( if 192.168.2.1 is the IP address of the captive portal's interface - or your set "portal.mypfsense.tld" as the FQDN to this IP using the Resolver.
"8004" is just an example, your port number might be different. )

netx34

@Gertjan thank you,
im now test it before i deploy it to my exact pf serve,
great work and update.

update later after work.

netx34

btw only the logout.php can apply FQDN for the domain name

Gertjan

@netx34 said in Captive portal manual logout page address:

btw only the logout.php can apply FQDN for the domain name

What do you mean ?

guntery

When I visited this /logout.php page, I was logged out.

So this code works great, thanks. I'm adding in a redirect at the end of the file - it works - but it takes around 20 seconds too load the login page - or any page

Any ideas on a workaround? - I assume the portal is interfering somehow.

<script>window.location.replace("http://example.com");</script>

edit: weird, it a happened a few times, restored a backup and it now works fine..

Gertjan

@guntery said in Captive portal manual logout page address:

I'm adding in a redirect at the end of the file

What are you talking about ?
What file ? The script from above ? That a massive "log everybody out" script file.

After throwing everybody out, why would you redirect yourself to http://example.com ? Why not the pfSense GUI ?

guntery

Huh? It logs out the user who goes to that page not all users.

the redirect goes to the splash page either way though right (it's an example), in this case I have 2 captive portals with differing IP's and 1 logout script so it was easier to use the domain redirect not the CP IP

Gertjan

@guntery said in Captive portal manual logout page address:

uh? It logs out the user who goes to that page not all users.

I stand corrected.
Had to review the script and true, the caller gets logged out.
Sorry for the noise ^^