[isf-wifidog] Another authentication method?

[Benoit Grégoire]

On 4 April 2008, Robin Jones wrote:
> You are right, the URL is quite long, this is because of the way that
> wifidog works. The validation includes such data as the clients mac
> address etc.
>
> Is it not possible for the sponsor to click the link to validate the
> client? This should work, even when off site.
>
> Through code, this could be achieved by creating a new table in the
> wifidog database and modifying how the validation works so the link is
> sent to a table and a random alphanumeric code is generated. This would
> then be sent to a special mailbox that the administrator checks. An
> input box and button could then be generated in the login template which
> would redirect the user to the right URL.

Actually, the current validate script could be changed easily to achieve much 
of 
this.  User id, mac, etc are only passed so the system can login the user, 
and possibly open an internet session in a single request.  The only real 
piece of information is the actual token.  You could change the generation 
algorithm to generate something shorter.

You would however have to change the login screen so that if someone tries to 
login with an unvalidated account, the form modifies itself to allow him to 
enter the token.

-- 
Benoit Grégoire
Technologies Coeus inc.