import radiusd
import MySQLdb
configDb = 'python' configHost = 'localhost' configUser = 'python' configPasswd = 'python'
dbHandle = None
def log(level, s):
"""Log function."""
radiusd.radlog(level, 'prepaid.py: ' + s)
def instantiate(p):
"""Module Instantiation. 0 for success, -1 for failure.
p is a dummy variable here."""
global dbHandle
p = p
try:
dbHandle = MySQLdb.connect(db=configDb, host=configHost,
user=configUser, passwd=configPasswd)
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
return -1
log(radiusd.L_INFO, 'db connection: ' + str(dbHandle))
return 0
def authorize(authData):
"""Authorization and authentication are done in one step."""
userName = None
userPasswd = None
for t in authData:
if t[0] == 'User-Name':
userName = t[1]
elif t[0] == 'Password':
userPasswd = t[1]
sql = 'select passwd, maxseconds from users where username = ' + userName
log(radiusd.L_DBG, sql)
try:
dbCursor = dbHandle.cursor()
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
return radiusd.RLM_MODULE_FAIL
try:
dbCursor.execute(sql)
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
dbCursor.close()
return radiusd.RLM_MODULE_FAIL
result = dbCursor.fetchone()
if not result:
log(radiusd.L_INFO, 'user not found: ' + userName)
dbCursor.close()
return radiusd.RLM_MODULE_NOTFOUND
if result[0] != userPasswd[1:-1]:
log(radiusd.L_DBG, 'user password mismatch: ' + userName)
return radiusd.RLM_MODULE_REJECT
maxSeconds = result[1]
sql = 'select sum(seconds) from sessions where username = ' + userName
log(radiusd.L_DBG, sql)
try:
dbCursor.execute(sql)
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
dbCursor.close()
return radiusd.RLM_MODULE_FAIL
result = dbCursor.fetchone()
if (not result) or (not result[0]):
secondsUsed = 0
else:
secondsUsed = result[0]
dbCursor.close()
sessionTimeout = maxSeconds - int(secondsUsed)
if sessionTimeout <= 0:
log(radiusd.L_INFO, 'user out of time: ' + userName)
return radiusd.RLM_MODULE_REJECT
log(radiusd.L_DBG, 'user accepted: %s, %d seconds' %
(userName, sessionTimeout))
return (radiusd.RLM_MODULE_UPDATED,
(('Session-Timeout', str(sessionTimeout)),),
(('Auth-Type', 'python'),))
def authenticate(p):
p = p
return radiusd.RLM_MODULE_OK
def preacct(p):
p = p
return radiusd.RLM_MODULE_OK
def accounting(acctData):
"""Accounting."""
userName = None
acctSessionTime = None
acctStatusType = None
for t in acctData:
if t[0] == 'User-Name':
userName = t[1]
elif t[0] == 'Acct-Session-Time':
acctSessionTime = t[1]
elif t[0] == 'Acct-Status-Type':
acctStatusType = t[1]
if acctStatusType == 'Start':
return radiusd.RLM_MODULE_OK
sql = 'insert into sessions (username, seconds) values (%s, %d)' % \
(userName, int(acctSessionTime))
log(radiusd.L_DBG, sql)
try:
dbCursor = dbHandle.cursor()
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
return radiusd.RLM_MODULE_FAIL
try:
dbCursor.execute(sql)
except MySQLdb.OperationalError, e:
log(radiusd.L_ERR, str(e))
dbCursor.close()
return radiusd.RLM_MODULE_FAIL
return radiusd.RLM_MODULE_OK
def detach():
"""Detach and clean up."""
global dbHandle
log(radiusd.L_DBG, 'closing database handle: ' + str(dbHandle))
dbHandle.close()
return radiusd.RLM_MODULE_OK
if __name__ == '__main__':
instantiate(None)
print authorize((('User-Name', '"map"'), ('User-Password', '"abc"')))