Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- var radius = require('radius');
- var dgram = require('dgram');
- var md5 = require('md5');
- var config = require('/etc/radiusd.json');
- var logger = require('./libs/logger')({
- config: config.log
- });
- var client = require('./libs/redis')({
- logger: logger,
- config: config.redis
- });
- var mysqlCluster = require('./libs/mysql')({
- logger: logger,
- config: config.mysql
- });
- var secret = config.radiusd.secret;
- // 创建 socket server
- var server = dgram.createSocket('udp4');
- // 收到请求
- server.on('message', (msg, rinfo) => {
- // 解包
- var packet = radius.decode({packet: msg, secret: secret});
- var username = packet.attributes['User-Name'];
- var password = packet.attributes['User-Password'];
- logger.debug(`Access-Request: ${username}/${password}`);
- // 已被缓存 (默认已被缓存, 当通过 MySQL 读取的时候, 会修改 cached)
- var cached = true;
- (new Promise((resolve, reject) => {
- // 进行 code 类型判断
- if (packet.code != 'Access-Request') {
- logger.error('unknown packet type: ', packet.code);
- throw new Error(`unknown packet type: ${packet.code}`);
- }
- // 如果 redis 死掉了, client.connected 为 false
- if (client.connected) {
- client.hgetall(username, (err, res) => {
- if (res) {
- logger.debug(`redis hit ${username}`)
- resolve(res);
- } else {
- reject();
- }
- });
- } else {
- reject();
- }
- }))
- .then((result) => {
- // 可以获取到缓存数据
- // 获取到缓存数据
- return result;
- }, () => {
- cached = false;
- // 获取不到缓存数据
- return new Promise((resolve, reject) => {
- mysqlCluster.of('*').query('SELECT `password` FROM `users` WHERE `username` = ? LIMIT 1', [username], (err, results, fields) => {
- if (err || results[0] === undefined) {
- reject(err || new Error(`Cannot Find ${username} Info`));
- } else {
- resolve(JSON.parse(JSON.stringify(results[0])));
- }
- });
- });
- })
- .then((result) => {
- // 如果 redis 处于 connected 状态, 并且没有被缓存
- if (client.connected && !cached) {
- logger.debug(`Cache save ${username}}`);
- client.hmset(username, result);
- }
- return result;
- })
- .then((result) => {
- return new Promise((resolve, reject) => {
- if (md5(password) == result.password) {
- logger.debug(`password compare success! ${username}/${password}`);
- resolve()
- } else {
- reject(new Error('Wrong Password'));
- }
- });
- })
- .then((result) => {
- var response = radius.encode_response({
- packet: packet,
- code: 'Access-Accept',
- secret: secret
- });
- logger.debug(`Sending Access-Accept for user ${username}`);
- server.send(response, 0, response.length, rinfo.port, rinfo.address, (err, bytes) => {
- if (err) {
- logger.error(`Error sending response to ${err}`);
- }
- });
- })
- .catch((err) => {
- console.log(err);
- var response = radius.encode_response({
- packet: packet,
- code: 'Access-Reject',
- secret: secret
- });
- logger.debug(`Sending Access-Reject for user ${username}`);
- server.send(response, 0, response.length, rinfo.port, rinfo.address, (err, bytes) => {
- if (err) {
- logger.error(`Error sending response to ${err}`);
- }
- });
- });
- });
- server.on('listening', () => {
- logger.info('Server is running...');
- });
- server.bind(1812);
Add Comment
Please, Sign In to add comment