[isf-wifidog] auth server: debian packaging, timeouts, kicking users, captcha

Ian White ian.white at datamile-computers.com
Mer 17 Mai 08:18:29 EDT 2006 

Alex,

There are some code is the publicip.net version of the auth server 
that does this kind of thing.

I think when a connection is first made connection.timestamp_in is 
set, now if you have as part of the auth counters process, and diff 
check on current time - timestamp_in you should be able to limit login 
time by logging them out there. You could also do limits on traffic 
counters

On the spam attacks, I've seen some code that blocks a mac from 
repeated login attempts by entering the ip into a block table, and 
then ignoring login requests.

Ian

Not sure on the messaging , but v2 is looking at that issue.

As auth.php is the central place you can 
> Ian,
> 
> thanks indeed for your help -
> 
> now what I do to log out the user is running a small Perl script from
> cron doing this:
> 
>         UPDATE connections SET token_status='USED'
>         WHERE NOW()-timestamp_in > '60 minutes'
> 
> What did you mean by changing the auth/index.php? When I set the 
token
> to 'USED', any web access will be redirected to the login page 
again -
> do you mean some message like "You have been logged out after 60 
minutes
> of online time"? How should the auth/index.php "know" that this just
> happened? Just display that sentence for 5 minutes after the user 
being
> logged out, that is having a 'USED' session less than 5 minutes old?
> Something like
> 
>      SELECT user_id,user_ip,user_mac FROM connections WHERE
> token_status='USED' AND NOW()-last_updated < '5 minutes'
> 
> I didn't figure how to do this autologout feature elegantly using a
> trigger and stored procedure as I'm not familiar with Postgres, and a
> cronjob will do for my urgent needs. If anyone can come up with an
> "inside the database" solution, I'm anxious for your input :-)
> 
> I'll have a look at some PHP captcha library for the Turing test now.
> 
> Thanks again for your help!
> 
> Alex
> 
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> 
>

More information about the WiFiDog mailing list