listo funcionmiento por usuario y contraseña

2025-09-24 16:08:16 -06:00
parent 4f409cb4ec
commit c77ec9943b
9 changed files with 140 additions and 8 deletions
--- a/node-api/index.js
+++ b/node-api/index.js
@@ -99,6 +99,46 @@ app.post('/accounting', (req, res) => {
  return res.status(200).json({});
 });

+// Authorize inner-tunnel (EAP): devolver Cleartext-Password para el usuario
+app.post('/authorize-inner', (req, res) => {
+  console.log('--- RADIUS Authorize (inner) ---');
+  console.log(JSON.stringify(req.body, null, 2));
+
+  const attrs = normalizeAttributes(req.body);
+  const users = {
+    'user1': 'contra1',
+    'user2': 'contra2',
+  };
+  const username = (attrs['User-Name'] || '').toString();
+  const password = users[username];
+
+  if (!password) {
+    pushRequest({
+      id: Date.now() + ':' + Math.random().toString(16).slice(2),
+      ts: new Date().toISOString(),
+      type: 'authorize-inner',
+      attrs,
+      decision: 'notfound',
+    });
+    // No devolvemos nada -> FreeRADIUS seguirá su flujo y probablemente rechace
+    return res.status(200).json({});
+  }
+
+  pushRequest({
+    id: Date.now() + ':' + Math.random().toString(16).slice(2),
+    ts: new Date().toISOString(),
+    type: 'authorize-inner',
+    attrs,
+    decision: 'provide-password',
+  });
+
+  return res.status(200).json({
+    control: {
+      'Cleartext-Password': password,
+    },
+  });
+});
+
 // API: recent requests
 app.get('/api/requests', (req, res) => {
  res.json({ items: requests.slice(-MAX_REQUESTS) });