WifiDog 认证协议研究之 Auth Server

认证流程如下图：

认证流程详解：

1.Login登录（参照 login/index.php）

服务器验证后，Redirect to GW，携带 token

http://$_REQUEST[gw_address]:$_REQUEST[gw_port]/wifidog/auth?token=$token

2.Validation of ID

服务器返回 Status

Auth: 1

Messages: | 认证信息（如错误之类的消息）

common.php中有如下定义：

/* Constant shared with the gateway

* NEVER edit these, as they mush match the C code of the gateway */

define('ACCOUNT_STATUS_ERROR', -1);

define('ACCOUNT_STATUS_DENIED', 0);

define('ACCOUNT_STATUS_ALLOWED', 1);

define('ACCOUNT_STATUS_VALIDATION', 5);

define('ACCOUNT_STATUS_VALIDATION_FAILED', 6);

define('ACCOUNT_STATUS_LOCKED', 254);

auth.h中也有相应定义：

/**

* @brief Authentication codes returned by auth server.

*

* Authentication result codes returned by auth_server_request() corresponding

* to result code from the central server itself.

*/

typedef enum {

AUTH_ERROR = -1, /**< An error occured during the validation process*/

AUTH_DENIED = 0, /**< Client was denied by the auth server */

AUTH_ALLOWED = 1, /**< Client was granted access by the auth server */

AUTH_VALIDATION = 5, /**< A misnomer.  Client is in 15 min probation to validate his new account */

AUTH_VALIDATION_FAILED = 6, /**< Client had X minutes to validate account by email and didn't = too late */

AUTH_LOCKED = 254 /**< Account has been locked */

} t_authcode;

本文由http://www.wifidog.pro/2015/01/29/wifidog-authserver.html 整理编辑，转载请注明出处