[asterisk-users] Requiring a login to a phone

Sat Dec 1 21:55:26 CST 2007

For such a simple application I'd use AstDB to avoid having to hassle with
an external database (and also means this sort of dialplan will work even on
embedded/slimmed Asterisk boxes that may not have db modules
loaded/available).   In any case, what Tilghman said is what I'd suggest as
well.

  http://www.voip-info.org/wiki/index.php?page=Asterisk+func+db
  http://www.the-asterisk-book.com/unstable/funktionen-db.html

Also consider allowing emergency number dialing to bypass authentication, if
applicable.

-jr

On Dec 1, 2007 5:32 PM, Tilghman Lesher <tilghman at mail.jeffandtilghman.com>
wrote:

> On Saturday 01 December 2007 18:09:27 Steve Johnson wrote:
> > Hi List,
> >
> > We have a remote asterisk SIP phone at the cottage.
> >
> > I'd like it to have minimal privileges when it first registers with
> > Asterisk. Ideally it should be in a restricted context.  Dialing any
> > number would intercept the call and tell the person to log on.  This
> > way, if the phone was stolen or someone got into the cottage, we
> > wouldn't have a bunch of surprise charges on our phone bill... :-)
> >
> > Once the phone has been authenticated, it should go into a context
> > with normal privileges.  After a couple of days of non-use, it should
> > auto-logout to the restricted context.
> >
> > How can I change the sip context of a phone on the fly, based on
> > authentication login?
>
> I wouldn't.  I'd do authentication on the fly, using a database of some
> kind.
>
> extensions.conf:
> [sip-phones]
> exten => _X.,1,Set(lastlogin=${ODBC_LOGIN(${CUT(CHANNEL,-,1)})})
> ; Logins expire after 86400 sec = 24 hours
> exten => _X.,n,GosubIf($[0${lastlogin} + 86400 < ${EPOCH}]?restricted,s,1)
> exten => _X.,n,Dial(Zap/g1/${EXTEN})
>
> [restricted]
> ; VMAuthenticate terminates the call if authentication fails.
> exten => s,1,VMAuthenticate
> exten => s,n,Set(ODBC_LOGIN(${CUT(CHANNEL,-,1)})=${EPOCH})
> exten => s,n,Set(lastlogin=${EPOCH})
> exten => s,n,Return
>
> func_odbc.conf:
> [LOGIN]
> dsn=asterisk
> read=SELECT lastlogin FROM logins WHERE channel='${ARG1}'
> write=UPDATE logins SET lastlogin=${VAL1} WHERE channel='${ARG1}'
>
> logins.sql:
> CREATE TABLE logins (
>        channel CHAR(50) PRIMARY KEY,
>        lastlogin INTEGER,
> );
> INSERT INTO logins VALUES ('SIP/100',0);
> INSERT INTO logins VALUES ('SIP/101', 0);
> INSERT INTO logins VALUES ('SIP/102', 0);
>
>

-- 
Grover Beach, California, USA
http://blog.joshrichards.org    josh.t.richards at gmail.com    +1 (805)
471-6923

http://www.linkedin.com/in/joshrichards
Supporting these causes: Kiva.org & RoomToRead.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20071201/4d27e1d6/attachment.htm 