var radius = require('radius');var dgram = require('dgram');var md5 = requir

1. var radius = require('radius');
2. var dgram = require('dgram');
3. var md5 = require('md5');
4. var config = require('/etc/radiusd.json');
5.  
6. var logger = require('./libs/logger')({
7. config: config.log
8. });
9.  
10. var client = require('./libs/redis')({
11. logger: logger,
12. config: config.redis
13. });
14.  
15. var mysqlCluster = require('./libs/mysql')({
16. logger: logger,
17. config: config.mysql
18. });
19.  
20. var secret = config.radiusd.secret;
21.  
22. // 创建 socket server
23. var server = dgram.createSocket('udp4');
24.  
25. // 收到请求
26. server.on('message', (msg, rinfo) => {
27. // 解包
28. var packet = radius.decode({packet: msg, secret: secret});
29.  
30. var username = packet.attributes['User-Name'];
31. var password = packet.attributes['User-Password'];
32.  
33. logger.debug(`Access-Request: ${username}/${password}`);
34.  
35. // 已被缓存 (默认已被缓存, 当通过 MySQL 读取的时候, 会修改 cached)
36. var cached = true;
37.  
38. (new Promise((resolve, reject) => {
39. // 进行 code 类型判断
40. if (packet.code != 'Access-Request') {
41. logger.error('unknown packet type: ', packet.code);
42. throw new Error(`unknown packet type: ${packet.code}`);
43. }
44. // 如果 redis 死掉了, client.connected 为 false
45. if (client.connected) {
46. client.hgetall(username, (err, res) => {
47. if (res) {
48. logger.debug(`redis hit ${username}`)
49. resolve(res);
50. } else {
51. reject();
52. }
53. });
54. } else {
55. reject();
56. }
57. }))
58. .then((result) => {
59. // 可以获取到缓存数据
60. // 获取到缓存数据
61. return result;
62. }, () => {
63. cached = false;
64. // 获取不到缓存数据
65. return new Promise((resolve, reject) => {
66. mysqlCluster.of('*').query('SELECT `password` FROM `users` WHERE `username` = ? LIMIT 1', [username], (err, results, fields) => {
67. if (err || results[0] === undefined) {
68. reject(err || new Error(`Cannot Find ${username} Info`));
69. } else {
70. resolve(JSON.parse(JSON.stringify(results[0])));
71. }
72. });
73. });
74. })
75. .then((result) => {
76. // 如果 redis 处于 connected 状态, 并且没有被缓存
77. if (client.connected && !cached) {
78. logger.debug(`Cache save ${username}}`);
79. client.hmset(username, result);
80. }
81.  
82. return result;
83. })
84. .then((result) => {
85. return new Promise((resolve, reject) => {
86. if (md5(password) == result.password) {
87. logger.debug(`password compare success! ${username}/${password}`);
88. resolve()
89. } else {
90. reject(new Error('Wrong Password'));
91. }
92. });
93. })
94. .then((result) => {
95. var response = radius.encode_response({
96. packet: packet,
97. code: 'Access-Accept',
98. secret: secret
99. });
100.  
101. logger.debug(`Sending Access-Accept for user ${username}`);
102.  
103. server.send(response, 0, response.length, rinfo.port, rinfo.address, (err, bytes) => {
104. if (err) {
105. logger.error(`Error sending response to ${err}`);
106. }
107. });
108. })
109. .catch((err) => {
110. console.log(err);
111. var response = radius.encode_response({
112. packet: packet,
113. code: 'Access-Reject',
114. secret: secret
115. });
116.  
117. logger.debug(`Sending Access-Reject for user ${username}`);
118.  
119. server.send(response, 0, response.length, rinfo.port, rinfo.address, (err, bytes) => {
120. if (err) {
121. logger.error(`Error sending response to ${err}`);
122. }
123. });
124. });
125. });
126.  
127. server.on('listening', () => {
128. logger.info('Server is running...');
129. });
130.  
131. server.bind(1812);