Is logout without popup possible?

nemesisdev · May 6, 2021, 11:13 PM

Hi everyone,

I maintain a captive page open source app which knows the session ID of the user and has a logout button the user can use if they want.

This makes the logout popup redundant, so I want to ask if is it possible to configure PfSense to keep the logout functionality enabled but without triggering the pop up in the browser of the user?

Thanks in advance!

Derelict · May 6, 2021, 11:19 PM

@nemesisdev Uncheck this?

login-to-view

nemesisdev · May 21, 2021, 9:45 PM

@derelict Sorry for my late reply, I wanted to find the time to double check this.

If I disable that checkbox, logout stops working completely.

The version I am currently running is 2.4.5.

At the moment I am assuming it is not possible to log out without enabling this popup, but I believe it would be useful to decouple the two things: one could disable the popup but keep the logout enabled, because the logout would be performed by a webpage residing on an external server, calling the logout URL with a post.

Gertjan · May 24, 2021, 6:37 AM

@nemesisdev said in Is logout without popup possible?:

At the moment I am assuming it is not possible to log out without enabling this popup, but I believe it would be useful to decouple the two things: ......

This solution is a "copy some files and done" solution ?
I guess not.
So, why stop half way ?

The popup windows text can be provided by pfSense, see the script here or you can define you own php/java/html/whatever page.

It should call against the same index.php page providing a 'logout_id' parameter with the user's session ID.

Here here logout page is prepared.
I guess you can leave that part of the scrip 'as is'.

In de main 'index' file ( /usr/local/captiveportal/index.php ) of the captive portal :

This line
Conditions :
When there is a session, and
When the "logout_id" isn't set, and
When there is a logout page text defined
Then show the build in popup - logout - page.

I guess you could comment out (or delete) the entire function body except the ending

return;

Btw : take note : The lines shown are from the actual pfSense "2.5.1" version.
Yours could be different, as you use older "2.4.5" code.

nemesisdev · Jul 16, 2021, 2:47 AM

@gertjan the problem is not the customization of the logout page.
I don't understand what is the code which triggers the logout popup after logging in.
I think that's the part which should be changed to allow the logout action without the popup.

But for the moment I will live with the pop up blocked message in the browser.

Gertjan · Jul 16, 2021, 8:30 AM

@nemesisdev

Using version 2.5.2 :

login-to-view

with this unchecked, there is no pupup.

nemesisdev · Jul 16, 2021, 5:36 PM

@gertjan said in Is logout without popup possible?:

@nemesisdev

Using version 2.5.2 :

login-to-view

with this unchecked, there is no pupup.

As I already wrote previously, if that checkbox is disabled, the possibility of logging out is disabled.

So the ideal solution would be a way to disable the logout popup window without disabling the logout HTTP POST.

Gertjan · Jul 16, 2021, 5:57 PM

@nemesisdev

Sorry, you're right, I wasn't looking what I previously wrote.

There is no 'click here' solution for your question.
You have to edit the code, as I said ... also above : just remove the part of the html that is responsible for the creation of the logout popup box (didn't test this myself).

nemesisdev · Jul 16, 2021, 6:57 PM

@gertjan Are you involved with the pfsense development?

Do you know if the maintainers would be interested in a patch to solve this?

Derelict · Jul 16, 2021, 7:03 PM

@nemesisdev Always. redmine.pfsense.org and github.com/pfsense

nemesisdev · Jul 16, 2021, 7:33 PM

@derelict thanks, BTW redmine links this page: https://www.netgate.com/docs/pfsense/development/bug-reporting.html which returns 404.

I created the issue on redmine: https://redmine.pfsense.org/issues/12138.

Derelict · Jul 16, 2021, 7:39 PM

@nemesisdev Discussion regarding best ways to accomplish it should be done here on the forum. Redmine is not a platform for discussion.

Gertjan · Jul 17, 2021, 12:30 AM

@nemesisdev said in Is logout without popup possible?:

@gertjan Are you involved with the pfsense development?

No way, just a severally addicted consumer.
I think I understand how it works, what it does to make things happen. I'm able of tearing it apart, and break things completely.
Just ones in a while I find something small that fixes something even smaller.

The captive portal is special for me as I need it.
It's a marvelous peace of work and a coding nightmare, should probably be rewritten from the ground up (not using PHP I guess).
But it works - for me.

jimp · Jul 19, 2021, 1:20 PM

This is actually a bug and not intended. It worked in the past but some recent portal changes may have unintentionally caused the change in behavior.

You should always be able to manually go back to the portal page at <http or https>://<ip address or hostname>:<port number>/index.php?zone=<zonename> and click Logout even when the popup is disabled.

When the popup is disabled, going back to that URL displays a logout button but clicking it returns a "you are connected" message and does not disconnect the user.

It works as expected when the logout popup is enabled.

I updated the Redmine issue at https://redmine.pfsense.org/issues/12138 to reflect this.

nemesisdev · Jul 19, 2021, 6:05 PM

@jimp thanks for the update, I'm relieved to know that, since the way it works now looked pretty weird.