hi,
Mikrotik class contains a login function for router administration. can any one provide me with the same but for hotspot user login validation…
it will be great if it is c# code..
thx
There’s no way to do this with the API protocol in general. Nor with SSH.
The only way is for the client device itself to make an HTTP request to the router (containing the hotspot username and password). You could send such a request in the background using AJAX, but that doesn’t change the fact that the request must be made between the client device and the router, as opposed to what you want - an exchange between the server and the router, with the client receiving just a cookie afterwards. That’s possible in theory, but is not supported by RouterOS (yet?).
thx for reply..
what abt the php code that resets the password : http://wiki.mikrotik.com/wiki/API_PHP_package (“Forgotten password” form for hotspot user)…
what i need is to redirect the hotspot user from the default router hotspot login page to my login page and then validate the user name and password through the router (hotspot users in the router)..if the username and password are not validated the code behind should create a new hotspot user and send the details through sms to the user. i have the part of creation the hotspot user but the missing is how to validate the login…
thx again …
what abt the php code that resets the password : > http://wiki.mikrotik.com/wiki/API_PHP_package > (“Forgotten password” form for hotspot user)…
What about it? It doesn’t do login. It merely checks if there exists a user with a specified email and “phone” (comment really…), and sets a password to it if so. You can do that, but you can’t do the actual login procedure from API (as in “add a user to the active users list”).
what i need is to redirect the hotspot user from the default router hotspot login page to my login page and then validate the user name and password through the router (hotspot users in the router)..if the username and password are not validated the code behind should create a new hotspot user and send the details through sms to the user. i have the part of creation the hotspot user but the missing is how to validate the login…
I’m not sure if you could do creation automatically on such a condition, but you could certainly do it “on demand”.
That is, make a “registration” page, where the user specifies their phone number, and you generate a username and password that you then send via SMS… or where you also let them choose their desired username, and check if it exists (but keep in mind attackers would abuse this to make cracking existing accounts easier).
“let them choose their desired username, and check if it exists” how to do this and then how to authenticate the hotspot users and allow them to use the internet …
I mean if i redirect users from the default hotspot login (in the router) to my login page in my web server. how the authentication should be done if the user is already exist in the list of the router hotspot users?
any code..
thx
and then how to authenticate the hotspot users and allow them to use the internet …
Once a user is registered, they can return to the login page, and login using their newly created username and password. As already stated, you can’t login them automatically yourself. They must do so themselves.
“let them choose their desired username, and check if it exists” how to do this
You send a “print” request with a query, and check if it returns zero. If it does, the user does not exist.
Protocol wise, it looks like:
/ip/hotspot/user/print
=count-only=
?name=usernameToBeChecked
where “usernameToBeChecked” is the desired username, and the response is
!done
=ret=1
(where if “ret” is “1”, the username exists, and if “0”, it does not)
Using the PHP package, it would look like:
<?php
use PEAR2\Net\RouterOS;
require_once 'PEAR2/Autoload.php';
if (isset($_GET['act'])) {//This is merely to ensure the form was submitted.
$errors = array();
try {
//Adjust RouterOS IP, username and password accordingly.
$client = new RouterOS\Client('192.168.0.1', 'admin', 'password');
} catch (Exception $e) {
$errors[] = 'We are sorry, but we are unable to register you at this time. Please try again later.';
}
//This is just one approach that allows you to create a multi purpose form,
//with ping being just one action.
if ($_GET['act'] === 'reg') {
if (!isset($_POST['username'])) {
$errors[] = 'You must provide a desired username.';
}
if (!isset($_POST['password'])) {
$errors[] = 'You must provide a password.';
}
if (!isset($_POST['password2'])) {
$errors[] = 'You must confirm your password.';
}
if ($_POST['password'] !== $_POST['password2']) {
$errors[] = 'Passwords do not match.';
}
if (empty($errors)) {
//We are connected to the router and we have a valid username and password.
//Check for existence of user NOW, and register them if they don't exist.
$printRequest = new RouterOS\Request(
'/ip hotspot user print count-only=""',
RouterOS\Query::where('name', $_POST['username'])
);
if ($client->sendSync($printRequest)->getArgument('ret') != '0') {
$error[] = 'The desired username is already taken.';
}
if (empty($errors)) {
$addRequest = new RouterOS\Request('/ip hotspot user add profile=profile1');
$addRequest
->setArgument('name', $_POST['username'])
->setArgument('password', $_POST['password']);
if (count($client->sendSync($addRequest)) > 1) {
$error[] = 'We failed to register you for some unknown reason. Please contact us about it.';
}
}
}
}
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>User registration</title>
<style type="text/css">
#errors {background-color:darkred;color:white;}
#success {background-color:darkgreen;color:white;}
</style>
</head>
<body>
<div>
<?php
if (isset($_POST['act'])) {//There's no need to execute this if the form was not submitted yet.
if (empty($errors) {
echo '<div id="success">You are now registered!</div>';
} else {
echo '<div id="errors">There were errors when trying to register you:<ul>';
foreach ($errors as $error) {
echo '<li>', $error '</li>';
}
echo '</ul></div>';
}
}
?>
<form action="" method="post">
<ul>
<li>
<label for="username">Username:</label>
<input type="text" id="username" name="username" value="<?php
if (isset($_POST['username'])) {
echo htmlspecialchars($_POST['username']);
}
?>" />
</li>
<li>
<label for="password">Password:</label>
<input type="password" id="password" name="password" value="" />
</li>
<li>
<label for="password2">Confirm password:</label>
<input type="password" id="password2" name="password2" value="" />
</li>
<li>
<input type="submit" id="act" name="act" value="reg" />
</li>
</ul>
</form>
</div>
</body>
</html>
(P.S. A few of the critical lines will not be needed in the upcoming version, in favor of more compact one liners, but this is what you can use today with the exact same effect, and which will still work the same then as well)
thx for quick reply
sorry I don’t know any thing a bout mikrotik but I have to add this layer of authentication. hope this will be the last question 
now how to send the username and password to the router for authentication (the request to authenticate the username and pass from my page to router). i mean the code syntax in c# , vb.net, c or c++ but not php
thx in advance…
Because it’s the user’s browser that must make the request, you need to redirect them to the login page, with the credentials supplied. You can NOT check whether they logged in successfully, but if you redirect them to the login page using the credentials you just generated for them, it’s safe to assume they logged in successfully.
To do a redirect, you use the System.Web.HttpResponse.Redirect(string, bool) method (with System.Web.HttpUtility.UrlEncode(string) over the variables, for security’s sake).
Or in a more actual code:
System.Web.HttpResponse.Redirect("http://IP-or-DNS-name-of-router/login?username=" + System.Web.HttpUtility.UrlEncode(username) + "&password=" + System.Web.HttpUtility.UrlEncode(password), true);
hi,
how can I check if the user entered a valid user name and password after using (System.Web.HttpResponse.Redirect)?any returned value? i need to redirect valid users to google.com.
thx in advance
As I said,
You can NOT check whether they logged in successfully, but if you redirect them to the login page using the credentials you just generated for them, it’s safe to assume they logged in successfully.
I think you can configure the router itself to redirect to google.com on successful login by altering alogin.html to contain
<meta http-equiv="Refresh" content="1; url=http://google.com" />
hi,
what abt invalid user or password…
I need something like:
if(valid)
{
redirect(“google.com”)
}
else
{
message box(“invalid user or pass”)
create_new_user_form.Open();
}
thx
You can add/alter “flogin.html” in the hotspot folder to be the HTML page served on failure. Similarly to alogin.html, you could make it redirect to another page, such as back to the login page, plus an argument to trigger the error message.
many thanks to you boen_robot..
everything is clear now