captive portal url
-
Hallo everybody,
i wrote in php a program to convert the vouchers to qrcode. But i want also the url to let the users to login directly. For exampel:
https://172.18.1.1:8003/index.php?zone=test&auth_voucher=ySyFDUUMibt.
this link will not do anything and i will stay in the login-page. I think that the url is wrong.
if you have the url for http then will be better. :)
can anybody help me
With best regards
youzersef -
@youzersef said in captive portal url:
Hallo everybody,
i wrote in php a program to convert the vouchers to qrcode. But i want also the url to let the users to login directly. For exampel:
https://172.18.1.1:8003/index.php?zone=test&auth_voucher=ySyFDUUMibt.
- you should use
voucherinstead ofauth_voucher - with
voucher, pfsense will pre-fill the details (and not connect the user automatically).
For security reasons, it has been decided to not allow GET requests connect an user on the captive portal. The reason behind is that GET requests could be easly abused. When using POST, some protections (CSRF, etc...) are there to prevent that.
More info here : https://github.com/pfsense/pfsense/pull/4326
- you should use
-
@youzersef said in captive portal url:
https://172.18.1.1:8003/index.php?zone=test&auth_voucher=ySyFDUUMibt.
Use redirurl
i.e.https://172.18.1.1:8003/index.php?zone=test&redirurl=http://slackware.org&voucher=ySyFDUUMibt. -
And last but not least :
@youzersef said in captive portal url:
https://172.18.1.1:8003/index.php?zone=........................
............
if you have the url for http then will be better. :)if 'https' uses port 8003, then 8002 will be the 'http' version.
With "http" you can use IP adresses.
But 'http' is pretty dead these days. It works, but is not secure. Keep in mind that captive portals are mostly open wifi connections, so at least use 'https' so the traffic can't be intercepted == vouhcer code stoeln.And with 'https', you have to use a certificate that a (any) browser accepts.
Good news : certs are free now. Use the acme pfSense package to get one.
Ask for a wild card certificate, like "your-local-domain.tld"
Now you can use an URL like https://portal.your-local-domain.tld:8003/...... and all will be looking 'pro' and secure.@youzersef said in captive portal url:
i wrote in php a program
Good writing starts with good reading.
This is the file that presents the captive portal login page to the user : /usr/local/captiveportal/index.php
Check it out, and you would have found all those $_POST[..]. (No REQUESTS)
And the parameters that it recognizes. -
thank you everybody for your reaction. It works. The problem for https that i need ssl certificat. "LetsEncypt" for exampel need renew every 3 months and i can not do it every time for my customers and also i can not leave the port 80 open permanent to renew automatically. Or i need payment ssl but the most of customers do not want pay regularly.
-
@youzersef you can use a TXT DNS record to perform the renewal automatically
I'm personally doing that for my captive portal instance
-
@youzersef said in captive portal url:
The problem for https that i need ssl certificat. "LetsEncypt" for exampel need renew every 3 months and i can not do
The acme package will renew the cert for you - you have nothing to do.
@youzersef said in captive portal url:
and also i can not leave the port 80
And you're right. And you don't have to open nothing. There are far better ways.
You'll be needing a domain name. That will not be free. Something like 5 $ a year ?
But, take the time to chose the right registrar. One that is supported by acme : see here for all the details.@youzersef said in captive portal url:
Or i need payment ssl but the ....
In that case you need a domain name first.
And you have to buy the cert every year or so == always more expensive.@youzersef said in captive portal url:
the most of customers do not want pay regularly.
That's different, but I guess these people are not what I would call customers.
The easy way : don't work for these people.
most of customers do not want pay regularly.
