#!/Python27/python
import sys
import os
import hashlib
import cgi
import cgitb
cgitb.enable()
# The page #1, that receives the Access-Request-URL, for example
# http://<ip>:<port>/welcome.py?xtm=[url=http://172.26.0.1:4106/wgcgi.cgi&action=hotspot_auth&ts=1344238620 ]http://172.26.0.1:4106/wgcgi.cgi&action=hotspot_auth&ts=1344238620 [/url]
# &sn=70AB02716F745&mac=9C:4E:36:30:2D:28&redirect=[url=http://www.bing.com/]http://www.bing.com/[/url]
def welcome():
# parse the parameters
xtm = ""
if "xtm" in form:
xtm = form["xtm"].value
action = ""
if "action" in form:
action = form["action"].value
timestamp = ""
if "ts" in form:
timestamp = form["ts"].value
serial_no = ""
if "sn" in form:
serial_no = form["sn"].value
mac = ""
if "mac" in form:
mac = form["mac"].value
redirect = ""
if "redirect" in form:
redirect = form["redirect"].value
print "Content-type: text/html\n"
print '<html>'
print '<head>'
print style
print '</head>'
print '<body>'
print '<div class="background">'
print '<div class="transbox">'
print "<h1>Joe's Cafe</h1>"
print "<h2>Welcome to free Wi-Fi</h2>"
print "<p>This location provides free wireless services. Our customers may surf the Internet at no charge after registering with our service. Please enter your email address and the order number from your receipt below.</p>"
print '<div id="register">'
if xtm == "" or action == "" or timestamp == "" or serial_no == "" or mac == "" or redirect == "":
print "<b> Invalid Request, missing some parameters </b>"
else:
# show the form
print '<form name="register" id="register" method="POST" action="welcome.py">'
print '<ul>'
print '<li><label>Email:</label><input type="text" name="email_address"></li>'
print '<li><label>Receipt:</label><input type="text" name="order_number"></li>'
print '<li><label> </label><input type="submit" value="Register" class="submit"></li>'
print '<input type="hidden" name="mac" value="'+mac+'">'
print '<input type="hidden" name="ts" value="'+timestamp+'">'
print '</ul>'
print '</form>'
print "</div>"
print "</div>"
print "</div>"
# show the annotation
print "<hr>"
print '<div style="color:gray">'
print "This page is envoked by the Access-Request-URL redirected from XTM. <br>"
print "The interesting parameters from the URL are <br>"
print "<b>xtm</b>="+xtm+"<br>"
print "<b>action</b>="+action+"<br>"
print "<b>timestamp</b>=" + timestamp+ "<br>"
print "<b>serial_no</b>="+ serial_no+ "<br>"
print "<b>mac</b>="+ mac+ "<br>"
print "<b>redirect</b>="+ redirect+ "<br>"
# save request information per mac address and timestamp
if mac != "":
x = mac.split(':')
fn = '_'.join(x)
f = open('C:/Apache24/1hotspot/'+timestamp+'_'+fn, 'w')
f.write(xtm+' '+action+' '+serial_no+' '+redirect)
f.close()
print "We save xtm, action, serial_no, and redirect in a local file", 'C:/Apache24/1hotspot/'+timestamp+'_'+fn
print "</div>"
print '</body>'
print '</html>'
# The page #2, that can send out the Access-Decision-URL
def register():
print "Content-type: text/html\n"
print '<html>'
print '<head>'
print style
print '</head>'
print '<body>'
print '<div class="background">'
print '<div class="transbox">'
if "order_number" not in form or "email_address" not in form:
# user did not enter necessary info
print "<h2>Please return to previous page, and enter order number and email address.</h2>"
else:
# get the request information saved in the file
timestamp = form["ts"].value
mac = form["mac"].value
x = mac.split(':')
fn = '_'.join(x)
f = open('C:/Apache24/1hotspot/'+timestamp+'_'+fn)
lines = f.readlines()
f.close()
w = lines[0].split()
xtm = w[0]
action = w[1]
serial_no = w[2]
redirect = w[3]
# calculate hash
#f = open('c:/www/hotspotdocs/secret')
#lines = f.readlines()
#f.close()
#secret = lines[0]
secret = 'thatsthekey'
success = '1'
sess_timeout = '60'
idle_timeout = '30'
m = hashlib.sha1()
m.update(timestamp+serial_no+mac+success+sess_timeout+idle_timeout+secret)
sig = m.hexdigest()
# The main text
print "<p>Value: ",timestamp+serial_no+mac+success+sess_timeout+idle_timeout+secret,"</p>"
print "<h1>Joe's Cafe</h1>"
print "<h2>Hello", form["email_address"].value, "</h2>"
print "<h2>Your order number is", form["order_number"].value, "</h2>"
# Create a link with the URL
url = xtm+"?action="+action+"&ts="+timestamp+"&success=1&sess_timeout=60&idle_timeout=30&sig="+sig+"&redirect="+redirect
print "<p>Thank you for visiting Joe's Cafe, press this "'<a href="', url, '">Connect</a>'" link or the button below to get access to the Internet.</p>"
# Create a form with the URL
print '<form name="register" id="register" action="'+ xtm +'" method="post">'
print '<ul>'
print '<li><label> </label><input type="submit" name="Connect" value="Connect" class="submit"></li>'
print '<input type="hidden" name="action" value="'+action+'">'
print '<input type="hidden" name="ts" value="'+timestamp+'">'
print '<input type="hidden" name="success" value="1">'
print '<input type="hidden" name="sess_timeout" value="60">'
print '<input type="hidden" name="idle_timeout" value="30">'
print '<input type="hidden" name="sig" value="'+sig+'">'
print '<input type="hidden" name="redirect" value="'+redirect+'">'
print '</ul>'
print '</form>'
print '</div>'
print '</div>'
# show the annotation
print "<hr>"
print '<div style="color:gray">'
print "<b>URL</b> of the link is "+url
print "<p>Note the URL is point to XTM. XTM will process it. It is constructed from data saved in ", 'C:/Apache24/1hotspot/'+timestamp+'_'+fn
print "</div>"
print '</body>'
print '</html>'
# The page #3, triggered by error in Access-Decision-URL. For example,
# http://<ip>:<port>/welcome.py?error=510&sn=70AB02716F745&mac=9C:4E:36:30:2D:28
def error():
serial_no = ""
if "sn" in form:
serial_no = form["sn"].value
mac = ""
if "mac" in form:
mac = form["mac"].value
print '<html>'
print '<head>'
print style
print '</head>'
print '<body>'
print '<div class="background">'
print '<div class="transbox">'
print "<h1>Joe's Cafe</h1>"
print "<h2>We encountered a difficulty to grant you access to Internet.</h2>"
print "<h2>Error code="+form["error"].value+"</h2>"
print '</div>'
print '</div>'
# show the annotation
print "<hr>"
print '<div style="color:gray">'
print "This indicates XTM (", serial_no, ") did not successfully grant access to the mac address", mac
print "</div>"
print '</body>'
print '</html>'
# read the css file
css = open('C:/Apache24/1hotspot/style.css')
style = css.read()
# determine whether this is for page #1 or page #2
form = cgi.FieldStorage() # parse query
if "order_number" in form:
register()
elif "error" in form:
error()
else:
welcome()
# close the css file
css.close()