2/*
3 * Copyright 2017-present Open Networking Foundation
4
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8
9 * http://www.apache.org/licenses/LICENSE-2.0
10
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18
/**
 * httpServer - HTTP server for the user's credentials
 */
// Web framework plus the Node core modules used to serve the login page.
var express = require('express');
var path = require('path');
var http = require('http');
var https = require('https');

// Local module; the POST handler calls its verifyFun(username, password).
var radiusOper = require('./startClient');
var body_parser = require('body-parser');

// Snapshot of the host's network interfaces, taken once at startup and used
// further down to pick the address the servers bind to.
var os = require('os');
var ifaces = os.networkInterfaces();

var app = express();
var fs = require("fs");

// Bluebird shadows the built-in Promise for the whole of this module.
var Promise = require('bluebird');

// Promise-returning wrapper around child_process.exec. exec() hands its
// argument to a shell, so any string passed to execAsync must be assembled
// only from fixed or validated values, never from request data.
var exec = require('child_process').exec;
var execAsync = Promise.promisify(exec);

// Everything under ./authwebapp is served to any client, before any login.
var staticRoot = path.join(__dirname, 'authwebapp');
app.use(express.static(staticRoot));
35
// TLS settings for the HTTPS listener. The three files are read synchronously
// at startup from ./certs (relative to the process working directory), so a
// missing or unreadable file stops the server before it listens.
//
// requestCert asks every client for a certificate, but rejectUnauthorized is
// false, so a handshake with no certificate, or with one that does not chain
// to ca.crt, is still accepted. Nothing in this file inspects the outcome of
// that verification, so the client certificate must not be treated as
// authentication here.
var config = {
  key: fs.readFileSync('./certs/server.key'),
  cert: fs.readFileSync('./certs/server.crt'),
  ca: fs.readFileSync('./certs/ca.crt'),
  requestCert: true,
  rejectUnauthorized: false,
};
43
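/**
 * Remove the PREROUTING DNAT rule that sends TCP `port` traffic arriving on
 * `iface` to [ipAddr]:port, if the nat table currently lists such a rule.
 *
 * Both ip6tables command lines are built by string concatenation and run
 * through a shell by execAsync, so each argument is checked against a strict
 * allow-list before any command is built. Callers in this file pass fixed
 * values and a locally discovered address; request data must never reach
 * this function.
 *
 * @param {string} iface - Ingress interface name, e.g. 'eth1'.
 * @param {string} ipAddr - IPv6 address used as the DNAT destination.
 * @param {string|number} port - TCP port of the redirect rule.
 * @returns {Promise} Settles after the check, and the delete if one was
 *   issued, have finished. Failures are logged, never rethrown.
 */
function natRecoverPkt(iface, ipAddr, port) {
  var ifaceOk = typeof iface === 'string' &&
    /^[A-Za-z0-9][A-Za-z0-9_.:@-]*$/.test(iface);
  var addrOk = typeof ipAddr === 'string' &&
    /^[0-9A-Fa-f:.]+$/.test(ipAddr) && ipAddr.indexOf(':') !== -1;
  var portOk = /^[0-9]{1,5}$/.test(String(port));

  if (!ifaceOk || !addrOk || !portOk) {
    console.error('natRecoverPkt: refusing to build ip6tables command from unexpected arguments');
    return Promise.resolve();
  }

  var cmd = 'ip6tables -w -t nat -D PREROUTING -i ' + iface +
    ' -p tcp --dport ' + port + ' -j DNAT --to-destination [' +
    ipAddr + ']:' + port;
  var checkCmd = 'ip6tables -w -t nat -v -L PREROUTING';
  var check = 'to:[' + ipAddr + ']:' + port;

  console.log(checkCmd + ' to check ' + check);
  return execAsync(checkCmd).then(function (listing) {
    console.log("indexOf:" + listing.indexOf(check));
    if (listing.indexOf(check) > 0) {
      console.log(cmd);
      // Returned so that a failing delete reaches the catch below instead of
      // becoming an unhandled rejection.
      return execAsync(cmd);
    }
    console.log("nat rule not exist.");
  }).catch(function (err) {
    console.error(err);
  });
}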
65
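/**
 * Remove the FORWARD rule that drops traffic arriving on `iface`, if rule 1
 * of the FORWARD chain is that DROP rule.
 *
 * The command line is built by string concatenation and run through a shell
 * by execAsync, so the interface name is checked against an allow-list
 * first. Request data must never reach this function.
 *
 * @param {string} iface - Interface whose DROP rule should be removed.
 * @returns {Promise} Settles after the check, and the delete if one was
 *   issued, have finished. Failures are logged, never rethrown.
 */
function connDev(iface) {
  if (typeof iface !== 'string' ||
      !/^[A-Za-z0-9][A-Za-z0-9_.:@-]*$/.test(iface)) {
    console.error('connDev: refusing to build ip6tables command from unexpected interface name');
    return Promise.resolve();
  }

  var cmd = 'ip6tables -w -D FORWARD -i ' + iface + ' -j DROP';
  // Only rule number 1 of the FORWARD chain is listed.
  var checkCmd = 'ip6tables -w -v -L FORWARD 1';
  // NOTE(review): this match depends on the exact column spacing of the
  // ip6tables -v listing; confirm against real output.
  var check = 'DROP all ' + iface;

  console.log(checkCmd + ' to check ' + check);
  return execAsync(checkCmd).then(function (listing) {
    console.log("indexOf:" + listing.indexOf(check));
    if (listing.indexOf(check) > 0) {
      console.log(cmd);
      // Returned so that a failing delete reaches the catch below instead of
      // becoming an unhandled rejection.
      return execAsync(cmd);
    }
    console.log("Forward rule not exist.");
  }).catch(function (err) {
    console.error(err);
  });
}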
84
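/**
 * Delete the host route to `ipAddr` without first checking that it exists.
 *
 * The command is run through a shell by execAsync, so the target is checked
 * against an allow-list before it is placed on the command line.
 *
 * @param {string} ipAddr - Route target, e.g. '8.8.8.8'.
 * @returns {Promise} Settles when `route del` has finished. A failure, which
 *   is expected when the route was never added, is logged and not rethrown.
 */
function rmDnsRoute(ipAddr) {
  if (typeof ipAddr !== 'string' ||
      !/^[A-Za-z0-9:][A-Za-z0-9:._\/-]*$/.test(ipAddr)) {
    console.error('rmDnsRoute: refusing to build route command from unexpected target');
    return Promise.resolve();
  }

  // Delete blindly; a missing route is only a minor side effect.
  var cmd = 'route del ' + ipAddr;
  console.log(cmd);
  return execAsync(cmd).catch(function (err) {
    // Handled here so a missing route does not surface as an unhandled rejection.
    console.error(err);
  });
}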
91
/**
 * Undo the pre-login traffic restrictions on eth1: remove the DNAT redirects
 * for ports 80 and 443, remove the FORWARD drop rule, and delete the route
 * to 8.8.8.8.
 *
 * None of the helpers is awaited; each logs its own outcome.
 *
 * @param {string} ipAddr - Destination address of the DNAT rules to remove.
 */
function pppoeRmRedirectPkt(ipAddr) {
  var redirectedPorts = ['80', '443'];
  redirectedPorts.forEach(function (port) {
    natRecoverPkt('eth1', ipAddr, port);
  });
  connDev('eth1');
  rmDnsRoute('8.8.8.8');
}
98
// Parse JSON and URL-encoded request bodies into req.body.
// With extended: true a form field can arrive as a nested object or an array
// instead of a string, so handlers must type-check whatever they read.
var jsonBody = body_parser.json();
var formBody = body_parser.urlencoded({ extended: true });
app.use(jsonBody);
app.use(formBody);
101
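// GET / serves the login page while adminState.txt (read from the process
// working directory) contains "enable"; otherwise it reports that PPPoE is
// disabled.
app.get('/', function (req, res) {
  console.log("===Please login.===");

  // Read the flag file directly rather than spawning a shell to run `cat`.
  fs.readFile('adminState.txt', 'utf8', function (err, state) {
    if (err) {
      // Fail closed and answer the request; without a reply the client
      // would wait until its own timeout.
      console.error(err);
      res.status(500).send('Internal error.');
      return;
    }

    // Any occurrence counts, including one at offset 0 (a file that starts
    // with "enable"), which a `> 0` comparison would treat as disabled.
    if (state.indexOf("enable") !== -1) {
      res.sendFile(__dirname + '/authwebapp/login.html');
    } else {
      console.log("PPPoE disabled.");
      res.send('PPPoE disabled.');
    }
  });
});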
119
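// POST / receives the login form, checks the credentials through
// radiusOper.verifyFun and, once a ppp0 interface shows up, lifts the
// pre-login traffic restrictions.
//
// NOTE(review): verifyFun lives in ./startClient and is not visible here; if
// it places these values on a command line it needs its own escaping.
// NOTE(review): Access-Control-Allow-Origin: * lets any origin read the
// reply; confirm the login page really needs it.
// NOTE(review): `poff -a` stops every PPP link on the host and is triggered
// by any POST with wrong credentials, without prior authentication; confirm
// that is intended.
app.post('/', function (req, res) {
  // Send the failure reply in the shape the login page already receives.
  function replyFailure(status) {
    if (res.headersSent) {
      return;
    }
    res.setHeader("Access-Control-Allow-Origin", "*");
    res.status(status).jsonp({'result':'error!'});
  }

  // Stop PPP sessions after a failed attempt; a poff error is logged instead
  // of being left as an unhandled rejection.
  function tearDownPpp() {
    execAsync("poff -a").catch(function (err) { console.error(err); });
    console.log("===PPPoE session failed.===");
  }

  console.log("===post request===");
  var body = req.body || {};
  var username = body.username;
  var password = body.password;

  // The body parsers can deliver objects or arrays; accept plain strings only.
  if (typeof username !== 'string' || typeof password !== 'string') {
    console.log("===rejecting login request with missing or non-string credentials===");
    replyFailure(400);
    return;
  }

  // The password is never written to the log. The username is JSON-encoded
  // so control characters in it cannot forge extra log lines.
  console.log("===user:" + JSON.stringify(username) + "===");

  radiusOper.verifyFun(username, password).then(function (verified) {
    console.log("===verifyFun result:" + verified + "===");
    if (!verified) {
      tearDownPpp();
      replyFailure(200);
      return;
    }

    // Wait five seconds before checking whether ppp0 has appeared.
    setTimeout(function () {
      console.log("enter timeout");
      execAsync("ifconfig").then(function (ifconfigOut) {
        console.log("result.indexOf :" + ifconfigOut.indexOf("ppp0"));
        if (ifconfigOut.indexOf("ppp0") >= 0) {
          console.log("===PPPoE session has set up.===");
          pppoeRmRedirectPkt(eh1ip);
          res.setHeader("Access-Control-Allow-Origin", "*");
          res.jsonp({'result':'Auth successfully!!'});
        } else {
          tearDownPpp();
          replyFailure(200);
        }
      }).catch(function (err) {
        // ifconfig failed or a step above threw: answer instead of hanging.
        console.error(err);
        replyFailure(500);
      });
    }, 5000);
  }).catch(function (err) {
    // verifyFun rejected: answer instead of leaving the request open.
    console.error(err);
    replyFailure(500);
  });
});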
161
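// Address of eth1 that both servers bind to; the POST handler also passes it
// to pppoeRmRedirectPkt(). The first IPv6 entry reported for eth1 is used.
var eh1ip = 'a';
var eth1Addrs = ifaces['eth1'] || [];
for (var idx = 0; idx < eth1Addrs.length; idx++) {
  // Some Node releases report the family as the number 6 instead of 'IPv6'.
  if (eth1Addrs[idx].family === 'IPv6' || eth1Addrs[idx].family === 6) {
    eh1ip = eth1Addrs[idx].address;
    console.log('eh1ip:' + eh1ip);
    break;
  }
}

// Stop with a clear message instead of a TypeError on a missing interface,
// or an attempt to listen on the placeholder host name 'a'.
if (eh1ip === 'a') {
  throw new Error('eth1 has no IPv6 address; cannot choose a listen address');
}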
172
var httpPort = "80";
var httpsPort = "443";

// The same Express app is exposed on both listeners, bound to eth1's address.
// NOTE(review): the credential POST is therefore also reachable over plain
// HTTP on port 80; confirm the login page only ever submits over HTTPS.
var plainServer = http.createServer(app);
plainServer.listen(httpPort, eh1ip);

var tlsServer = https.createServer(config, app);
tlsServer.listen(httpsPort, eh1ip);

// Printed as soon as listen() has been called; it does not confirm that
// either bind succeeded.
console.log("PPPoE Web Server listens on ports " + httpPort + " and " + httpsPort);
180