项目作者: bsab

项目描述 :
Authenticate Unifi WiFi Guests with Django
高级语言: Python
项目地址: git://github.com/bsab/django-unifi-portal.git
创建时间: 2017-06-07T14:40:15Z
项目社区:https://github.com/bsab/django-unifi-portal

开源协议:MIT License

下载


Preview

Django-Unifi-Portal is a custom portal based on two authentication/registration mechanism:

  • Django user authentication system
  • Facebook OAuth2 logging.

It is a powerful reusable Django app for interacting with the Unifi AP Controller software, version 4 and 5.

The UniFi® AP is an Access Point ideal for deployment of high-performance wireless networks. Here you can find more details.

Preview

Overview

Django-Unifi-Portal works with Django 1.10/1.11.
It is based on this article from community.

How It Works

When an guest try to connects to a wireless network with the guest policy enabled, http requests are redirected to the django-portal server.

When the form is submitted or the Facebook sign in has been validated, Django validates the user and then uses the Unifi API to authorize the guest’s MAC address.

Quick start

  • Setup Django-Unifi-Portal application in Python environment:
  1. $ pip install django-unifi-portal
  • To get the latest version

    1. $ pip install git+https://github.com/bsab/django-unifi-portal.git
  • Migrate the django_unifi_portal app to create the user model:

  1. $ python manage.py migrate django_unifi_portal
  2. $ python manage.py migrate
  • Add “django_unifi_portal” to your INSTALLED_APPS:

    1. INSTALLED_APPS = (
    2. ...,
    3. 'django_unifi_portal',
    4. )
  • Copy this configuration and paste it on file named unifi_settings.py:

    1. from django.core.urlresolvers import reverse_lazy
    2. UNIFI_INSTALLED_APPS = [
    3. # material apps
    4. 'material',
    5. 'oauth2_provider',
    6. 'social_django',
    7. 'rest_framework_social_oauth2',
    8. 'django_unifi_portal',
    9. ]
    10. UNIFI_LOGIN_URL = '/unifi-portal/login'
    11. UNIFI_LOGIN_REDIRECT_URL = reverse_lazy('index')
    12. UNIFI_TEMPLATE_CONTEXT_PROCESSORS = [
    13. 'material.frontend.context_processors.modules',
    14. 'social_django.context_processors.backends',
    15. 'social_django.context_processors.login_redirect',
    16. 'django_unifi_portal.context_processor.unifi_context'
    17. ]
    18. UNIFI_TEMPLATE_BUILTINS = 'material.templatetags.material_form'
    19. UNIFI_AUTHENTICATION_BACKENDS = (
    20. # Others auth providers (e.g. Google, OpenId, etc)
    21. # Facebook OAuth2
    22. 'social_core.backends.facebook.FacebookAppOAuth2',
    23. 'social_core.backends.facebook.FacebookOAuth2',
    24. # Django
    25. 'django.contrib.auth.backends.ModelBackend',
    26. )
    27. UNIFI_SOCIAL_AUTH_PIPELINE = (
    28. 'social_core.pipeline.social_auth.social_details',
    29. 'social_core.pipeline.social_auth.social_uid',
    30. 'social_core.pipeline.social_auth.auth_allowed',
    31. 'django_unifi_portal.pipeline.manage_auth_already_associated',
    32. 'social_core.pipeline.social_auth.social_user',
    33. 'social_core.pipeline.user.get_username',
    34. #'django_unifi_portal.pipeline.require_email',
    35. 'social_core.pipeline.mail.mail_validation',
    36. 'social_core.pipeline.user.create_user',
    37. 'social_core.pipeline.social_auth.associate_user',
    38. 'social_core.pipeline.debug.debug',
    39. 'social_core.pipeline.social_auth.load_extra_data',
    40. 'social_core.pipeline.user.user_details',
    41. 'django_unifi_portal.pipeline.user_details',
    42. 'django_unifi_portal.pipeline.save_profile',
    43. 'social_core.pipeline.debug.debug',
    44. )
    45. # Define SOCIAL_AUTH_FACEBOOK_SCOPE to get extra permissions from facebook.
    46. # Email is not sent by default, to get it, you must request the email permission:
    47. SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
    48. SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {
    49. 'fields': 'id, name, about, email, birthday, gender, hometown, languages'
    50. }
    51. UNIFI_SERVER = "<your UniFi Server ip>
    52. UNIFI_PORT = <your Unifi Server Port> # default is 8443
    53. UNIFI_VERSION = 'v4'
    54. UNIFI_SITE_ID = 'default'
    55. # It's important to note that if this server is offsite, you need to have port 8443 forwarded through to it
    56. UNIFI_SSID = '<your ssid name>'
    57. UNIFI_LOGO = '<relative path under the static folder to the logo png>'
    58. UNIFI_USER = "<your UniFi Username>"
    59. UNIFI_PASSWORD = "<your UniFi Password>"
    60. UNIFI_TIMEOUT_MINUTES = <minutes> # ex. 8 hours is 480
    61. # Facebook configuration
    62. SOCIAL_AUTH_FACEBOOK_KEY = "<your Facebook key>"
    63. SOCIAL_AUTH_FACEBOOK_SECRET = "<your Facebook api secret>"
  • Then add this configuration to your settings.py:

    1. #################################################
    2. # UNIFI CONFIGURATION #
    3. #################################################
    4. from unifi_settings import *
    5. INSTALLED_APPS += UNIFI_INSTALLED_APPS
    6. LOGIN_URL = UNIFI_LOGIN_URL
    7. LOGIN_REDIRECT_URL = UNIFI_LOGIN_REDIRECT_URL
    8. TEMPLATES[0]['OPTIONS']['context_processors'] += UNIFI_TEMPLATE_CONTEXT_PROCESSORS
    9. # shortcut for in form templates
    10. try:
    11. # shortcut for in form templates
    12. from django.template.base import add_to_builtins
    13. add_to_builtins(UNIFI_TEMPLATE_BUILTINS)
    14. except ImportError:
    15. """
    16. Django 1.9.
    17. """
    18. TEMPLATES[0]['OPTIONS']['builtins'] = [
    19. UNIFI_TEMPLATE_BUILTINS,
    20. ]
    21. AUTHENTICATION_BACKENDS = UNIFI_AUTHENTICATION_BACKENDS
    22. SOCIAL_AUTH_PIPELINE = UNIFI_SOCIAL_AUTH_PIPELINE
  • You need to map the views to an url in url.py file:

    1. url(r'', include('django_unifi_portal.urls')),
  • If you want you can use the base UnifiUser model or extend it defining a simple model like this :

    ```python
    from unifi_portal.models import UnifiUser
    class CustomUnifiUser(UnifiUser):

    1. nick = models.CharField(max_length=100)

Unifi Server Configuration

Last, setup UniFi to point to the IP of the django portal al server. You can test authentication by inserting a dummy account in to the database.

Config

It’s important to note that you cannot include folders in your External Portal option, just an IP address. You can either modify the default Apache2 index.html file to redirect to the appropriate path, or create a symlink to the guest/s/default/index.php file.

Contributing

Contributions welcome; Please submit all pull requests against the master branch. If your pull request contains Python patches or features, you should include relevant unit tests.
Thanks!

Author

Sabatino Severino, @bsab

License

Django-Unifi-Portal is available under the MIT license. See the LICENSE file for more info.

Disclaimer

Ubiquiti will not support this code. It is provided simply as an example of a rudimentary, functioning external portal.

PLEASE NOTE: This package is still in development so please use with caution.