Google Summer of Code 2017 Django-freeradius

Three months have passed since the beginning of this experience. I was quite fortunate to work for OpenWISP on django-freeradius under the guidance of my mentors Federico Capoano, Iacopo Spalletti and Ilaria De MarinisWith this project, I managed to learn many new things but above all, I started to understand freeradius . This summer I have improved my knowledge and skills thanks to the guidance and the patience of my mentors.

The Project

Django-freeradius is the project I worked on this summer and it is part of the OpenWISP project. 

OpenWISP logo

 

Django-freeradius is a web interface for freeradius. But what’s freeradius exactly?

FreeRADIUS is the most popular open source RADIUS server and the most widely deployed RADIUS server in the world. It supports all common authentication protocols, and the server comes with a PHP-based web user administration tool called dialupadmin. It is the basis for many commercial RADIUS products and services, such as embedded systems, RADIUS appliances that support Network Access Control, and WiMAX. It supplies the AAA needs of many Fortune-500 companies, telcos, and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable”. 

This app, in substance, will be a web interface to manage a freeradius database, with an additional RESTful API (using django REST framework) that will be used to retrieve session data from freeradius and to allow new users to register via third party apps.

 

All goals archived:

  • implement a reusable django app which allows to manage the main freeradius database tables (session/accounting, check, group, nas, reply) via the django-admin. (#1, #6, #7)

photo5848265695345879687

 

 

swap

 

  • implement a RESTful API that is dedicated to performing freeradius authorization. Authorization refers to the process of determining what permissions are granted to the user. (#30)

photo5843762095718509105photo5846013895532194127

 

  • implement a RESTful API that is dedicated to performing freeradius post-authentication. (#29)

photo5843762095718509101photo5843762095718509106

 

  • implement a RESTful API through which authorized users will be able to retrieve radius sessions, this API must be implemented using django REST framework. Accounting in the RADIUS protocol is the part that is responsible for keeping track of user sessions. (#3, #38)

photo5843762095718509104photo5846013895532194129

  • achieve a test coverage higher than 80% 
  • implement a “batch add users” feature, each batch operation and its details must be saved to the database  (work in progress)
  • tests added

photo5843762095718509133

 

Main Links:

Project Repository: https://github.com/openwisp/django-freeradius

Documentation: http://django-freeradius.readthedocs.io/en/latest/

Organization Website: http://openwisp.org/ 

Organization Github Page: https://github.com/openwisp

Thanks to this project I learned to use freeradius, to improve my knowledge of python, django and git. I also became acquainted with Travis (how many fights with you!) and python-sphinx. I am very glad for participating in GSOC that gave me the opportunity to contribute to an open-source project. I would like to thank Google for this amazing experience. Thanks also to the OpenWISP community but above all to my mentors for their suggestions and teachings. 

gsoc2017

Status

Google Summer of Code 2017

gsoc2017

The 4th of May  I received an email whose subject read “GSoC 2017: Congratulations, your proposal with OpenWisp has been accepted!”. Yeah!!!

The Project

Django-radius is the fantastic project I will spend my summer working on.  Django-radius is a web interface for freeradius.  But what is it exactly freeradius?

FreeRADIUS is the most popular open source RADIUS server and the most widely deployed RADIUS server in the world. It supports all common authentication protocols, and the server comes with a PHP-based web user administration tool called dialupadmin. It is the basis for many commercial RADIUS products and services, such as embedded systems, RADIUS appliances that support Network Access Control, and WiMAX. It supplies the AAA needs of many Fortune-500 companies, telcos, and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable”. 

Measurable outcomes:

  • implement a reusable django app which allows to manage the main freeradius database tables (session/accounting, check, group, nas, reply) via the django-admin
  • model references to the User must should be implemented using the swappable user model mechanism of django and default to django.contrib.auth.models.User
  • implement a “batch add users” feature, each batch operation and its details must be saved to the database
  • implement a RESTful API through which authorized users will be able to retrieve radius sessions, this API must be implemented using django REST framework
  • achieve a test coverage higher than 80%
  • provide documentation using python-sphinx, the documentation must be included in a docs/ directory in the repository

 

Stay tuned for future posts, I will try to explain what I am doing, and how I do it, with all the tricky details.