init

0ec12962 · Ahmad Nemati · 23e3e390 · 0ec12962
Commit 0ec12962 authored May 02, 2023 by Ahmad Nemati
Hide whitespace changes
Inline Side-by-side

Showing with 37 additions and 34 deletions

app.js app.js +37 -34

No files found.
--- a/app.js
+++ b/app.js
-const radius = require('radius');
 const dgram = require('dgram');
+const radius = require('radius');

-const secret = 'secret'; // Replace with your shared secret
-const port = 1812; // Default RADIUS authentication port
+const RADIUS_PORT = 1812; // Default RADIUS authentication port
+const RADIUS_SECRET = 'secret';

 const server = dgram.createSocket('udp4');

 server.on('message', (msg, rinfo) => {
-    const packet = radius.decode({ packet: msg, secret });
-console.log(packet)
-    if (packet.code !== 'Access-Request') {
-        console.error('Invalid packet type: ' + packet.code);
-        return;
-    }
+    try {
+        const packet = radius.decode({ packet: msg, secret: RADIUS_SECRET });
+
+        // Log the client's IP address
+        console.log(`Received RADIUS packet from ${rinfo.address}:${rinfo.port}`);

-    const username = packet.attributes['User-Name'];
-    const password = packet.attributes['User-Password'];
+        if (packet.code !== 'Access-Request') {
+            console.log(`Unknown packet type: ${packet.code}`);
+            return;
+        }

-    console.log('Received access request from:', username);
+        const username = packet.attributes['User-Name'];

-    // Perform your user authentication logic here
-    const isAuthenticated = authenticateUser(username, password);
+        // Decrypt the password
+        const encryptedPassword = packet.attributes['User-Password'];
+        const password = radius.decrypt({ packet: packet, secret: RADIUS_SECRET, attribute: encryptedPassword });

-    let response;
-    if (isAuthenticated) {
-        response = radius.encode_response({
-            packet,
-            code: 'Access-Accept',
-            secret,
+        console.log(`Username: ${username}, Password: ${password}`);
+
+        // Implement your authentication logic here
+        const isAuthenticated = authenticateUser(username, password);
+
+        const response = isAuthenticated ? 'Access-Accept' : 'Access-Reject';
+        const responsePacket = radius.encode_response({
+            packet: packet,
+            code: response,
+            secret: RADIUS_SECRET,
        });
-        console.log('Access granted for:', username);
-    } else {
-        response = radius.encode_response({
-            packet,
-            code: 'Access-Reject',
-            secret,
+
+        server.send(responsePacket, 0, responsePacket.length, rinfo.port, rinfo.address, (err, bytes) => {
+            if (err) {
+                console.error('Error sending response:', err);
+            }
        });
-        console.log('Access denied for:', username);
+    } catch (err) {
+        console.error('Error decoding RADIUS packet:', err);
    }
-
-    server.send(response, 0, response.length, rinfo.port, rinfo.address);
 });

 server.on('listening', () => {
    const address = server.address();
-    console.log('RADIUS server listening on port', address.port);
+    console.log(`RADIUS server listening on ${address.address}:${address.port}`);
 });

-server.bind(port);
+server.bind(RADIUS_PORT);

 function authenticateUser(username, password) {
-    console.log(username,password)
-    // Replace this function with your actual authentication logic
-    return username === 'ali' && password === 'ali';
+    // Replace this with your authentication logic (e.g., checking against a database)
+    return username === 'ali' && password === 'ahmad';
 }