WifiDog 认证协议研究之 Auth Server

认证流程如下图：



认证流程详解：

1.Login登录（参照 login/index.php）

服务器验证后，Redirect to GW，携带 token
http://$_REQUEST[gw_address]:$_REQUEST[gw_port]/wifidog/auth?token=$token
2.Validation of ID

服务器返回 Status

Auth: 1

Messages: | 认证信息（如错误之类的消息）

common.php中有如下定义：

/* Constant shared with the gateway

NEVER edit these, as they mush match the C code of the gateway */

define('ACCOUNT_STATUS_ERROR', -1);

define('ACCOUNT_STATUS_DENIED', 0);

define('ACCOUNT_STATUS_ALLOWED', 1);

define('ACCOUNT_STATUS_VALIDATION', 5);

define('ACCOUNT_STATUS_VALIDATION_FAILED', 6);

define('ACCOUNT_STATUS_LOCKED', 254);

auth.h中也有相应定义：

/**
* @brief Authentication codes returned by auth server.
*
* Authentication result codes returned by auth_server_request() corresponding
* to result code from the central server itself.
*/
typedef enum {
AUTH_ERROR = -1, /**< An error occured during the validation process*/
AUTH_DENIED = 0, /**< Client was denied by the auth server */
AUTH_ALLOWED = 1, /**< Client was granted access by the auth server */
AUTH_VALIDATION = 5, /**< A misnomer.  Client is in 15 min probation to validate his new account */
AUTH_VALIDATION_FAILED = 6, /**< Client had X minutes to validate account by email and didn't = too late */
AUTH_LOCKED = 254 /**< Account has been locked */
} t_authcode;