Login requests with 'on the fly' approval based on email.



  • Hi.  I am wondering if there is something like this available in PFSense.

    Instead of having a userid and password, they instead are given a screen that prompts them to enter basic details asking for approval.. here is how it would work:

    User needs access to guest wifi, and is given the WIFI details to get connected.

    They connect, and reach the portal.

    They see:

    "
    Welcome to XYZ Guest Wifi.  To gain access to the network, please answer the following questions:

    Your full name:
    Your phone number:
    Briefly explain why you need access:
    Enter the email address of your sponsor:
    "

    After they click submit, they are told:
    Please stand by, your sponsor is being notified….

    The sponsor (who is in a preset list of acceptable emails to receive such an email) is then sent an email with the following info:

    "
    A user is requesting that you approve their Guest Wifi access:

    Name: <user's full="" name="">Phone: <user's phone="">Reason for access: <details from="" above="">Do you approve access?  Please click YES or NO.
    "
    If they click yes or no, an new email is created that includes some sort of validation code... they just click 'send'.

    This sends an email back to PFSense.

    Based on what PFSense gets back:

    It will go and tell the user:
    "
    Your guest wifi access has been approved for the next XX hours'.
    "
    and they now have access based on their MAC address.

    or

    "Sorry, your access was not approved... please click CLOSE"

    The advantage to this is that chances are, the sponsor is going to be right there, or know the person is requesting access and can easily approve it.  No user IDs or passwords need to be managed.  This works well for large community centres, churches, etc., that want to manage access, but don't want to go to the point of providing userIDs and passwords.

    So is such a thing possible somehow with PFSense?

    Thanks
    Jeff</details></user's></user's>



  • wouldn't that just make it overly complicated?

    why don't you just handout vouchers that are valid for X hours ?