Show a username without Authentication

carbm1 · Jan 5, 2012, 7:30 PM

I'm using Captive Portal simply for a TOS agreement. However, I would like a way when I go into the Status>Captive Portal to be able to "figure out" who is who.

On the Captive Portal form I added:

However, I guess since the authentication is not actually turned on it only shows "unauthenticated" on the Status > Captive Portal, Username.

Yes, I know that someone could simply put the name "Seemore Butts" or "Ivanna Tinkle" and it would let them in but if so I can also Block the device because of it.

This is a setup for a k-12 school system so I need a way to hold students accountable for activity. Hence the need for a TOS.

ideas?

Thanks,

Craig

marcelloc · Jan 6, 2012, 12:39 AM

Without password, it will be really difficult.
each studdent has a device?

Can you associate mac addresses to users?

eri-- · Jan 6, 2012, 9:18 AM

Try the attached patch, its against 2.0.1 and untested :)


diff --git a/usr/local/captiveportal/index.php b/usr/local/captiveportal/index.php
index 201a234..a85a52b 100755
--- a/usr/local/captiveportal/index.php
+++ b/usr/local/captiveportal/index.php
@@ -197,8 +197,11 @@ EOD;
     } else
         portal_reply_page($redirurl, "error", $errormsg);
 } else if ($_POST['accept'] && $clientip && $config['captiveportal']['auth_method'] == "none") {
-    captiveportal_logportalauth("unauthenticated",$clientmac,$clientip,"ACCEPT");
-    portal_allow($clientip, $clientmac, "unauthenticated");
+       $user = "unauthenticated";
+       if ($_POST['auth_user'])
+               $user = $_POST['auth_user'];
+    captiveportal_logportalauth($user,$clientmac,$clientip,"ACCEPT");
+    portal_allow($clientip, $clientmac, $user);
 } else {
     /* display captive portal page */
     portal_reply_page($redirurl, "login",null,$clientmac,$clientip);

carbm1 · Jan 6, 2012, 8:45 PM

That worked perfectly! Million thanks!

carbm1 · Jan 6, 2012, 9:30 PM

Forgive me for not being competent enough to use diff …. but here is a slight modification that if they left it blank would redirect them right back to the Captive Portal.


    } else
        portal_reply_page($redirurl, "error", $errormsg);
} else if ($_POST['auth_user'] && $_POST['accept'] && $clientip && $config['captiveportal']['auth_method'] == "none") {
    $user = $_POST['auth_user'];
    captiveportal_logportalauth($user,$clientmac,$clientip,"ACCEPT");
    portal_allow($clientip, $clientmac, $user);
} else {
    /* display captive portal page */
    portal_reply_page($redirurl, "login",null,$clientmac,$clientip);
}

rhy7s · Feb 2, 2012, 3:15 AM

Thanks for those replies, I was just coming here to ask the very same question as the OP. I'll try those patches some time when people aren't using the CP. Just thought I'd check another thing in the same vein, does anyone know if it would be possible to pull in the connected device's hostname for display on the CP template? They show up in the DHCP leases so I assume they are accessible from somewhere..

t3rmin · Feb 6, 2012, 5:16 PM

Just what I was looking for! I want to protect the network at the WPA level (to completely keep out the curious) and use the captive portal for TOS. This isn't a public network, but it isn't entirely private, either. The idea is for contractors and consultants and such to be able to get internet access. They get the password from us, then have to agree to the TOS before continuing.

I was thinking it'd be nice to have somebody enter their name before clicking "Agree and Continue", but it didn't show up the logs. This patch fixes that! Thanks so much!

It would be nice to prevent them from leaving it blank, too. Maybe an option in the UI for "No authentication but still require (and log) a username"? :)