OPNsense Forum

International Forums => German - Deutsch => Topic started by: joern on July 01, 2019, 12:18:42 pm

Title: [SOLVED] CaptivePortal API - beliebige Session loeschen
Post by: joern on July 01, 2019, 12:18:42 pm

Hallo,

ist es moeglich, mit Hilfe der API eine beliebige Session zu loeschen?

/api/captiveportal/access/logoff mit {"ipAddress": "10.10.101.153"} meldet: {"clientState":"UNKNOWN","ipAddress":"10.10.101.203"}

Die 10.10.101.153 ist dabei die IP Adresse bzw. Session, die ich loeschen will, und die 10.10.101.203 ist die IP Adresse, von der der Request abgesetzt wurde. {"sessionId": "sWZ0S1wyhR8MPqTLrNrPZA=="}' bringt die gleiche Meldung.

Die Session ist vorhanden:
"...bytes_out":1674477,"ipAddress":"10.10.101.153","packets_in":3831}...

In /usr/local/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php ist das definiert, werde aber nicht wirklich schlau draus..

Code: [Select]

   /**
     * logoff client
     * @param int|string zone id number
     * @return array
     * @throws \OPNsense\Base\ModelException
     */
    public function logoffAction($zoneid = 0)
    {
        if ($this->request->isOptions()) {
            // return empty result on CORS preflight
            return array();
        } else {
            $this->sessionClose();
            $clientSession = $this->clientSession((string)$zoneid);
            if ($clientSession['clientState'] == 'AUTHORIZED' &&
                $clientSession['authenticated_via'] != '---ip---' &&
                $clientSession['authenticated_via'] != '---mac---'
            ) {
                // you can only disconnect a connected client
                $backend = new Backend();
                $statusRAW = $backend->configdpRun(
                    "captiveportal disconnect",
                    array($zoneid, $clientSession['sessionId'], 'json')
                );
                $status = json_decode($statusRAW, true);
                if ($status != null) {
                    $this->getLogger("captiveportal")->info(
                        "LOGOUT " . $clientSession['userName'] .  " (".$this->getClientIp().") zone " . $zoneid
                    );
                    return $status;
                }
            }
        }
        return array("clientState" => "UNKNOWN", "ipAddress" => $this->getClientIp());
    }

Vielen Dank fuers lesen und Gruesse, Joern

edit:

OPNsense 19.1.9-amd64
FreeBSD 11.2-RELEASE-p10-HBSD
OpenSSL 1.0.2s 28 May 2019

Title: Re: CaptivePortal API - beliebige Session loeschen
Post by: joern on July 02, 2019, 10:38:29 am

curl -k -u "xxxxxx":"xxxx" -d '{"sessionId": "ID"}' -H 'Content-Type: application/json'  \
https:/IP-Adresse/api/captiveportal/session/disconnect/0/ scheint zu funktionieren.