External authorization page for HotSpot Mikrotik - hotspot

Sorry for my english.
Please advise how to implement the following:
There is MikroTik with a configured HotSpot for guests, Trial mode, that is, by default, when you click on the Trial button, the user immediately connects to the Internet. But the task was for the user to enter a password that changes daily. Implemented this with PHP, but Mikrotik doesn't run PHP.
And the question is how to make authorization on a third-party hosting or how to implement a password system?
Thanks

Related

Limiting the number of logins by ip address in moodle

Am using Moodle for online quizzes locally in a lap environment.
I am facing a problem with students sharing log in credentials in the exam. so am searching for a solution that will associate every user with a single ip address for a period of time. is there is any way from moodle to do this.
This may not be possible to completely prevent without writing a new plugin to cache the login and restrict any new logins for a period of time. IP address probably isn't the best way to do this, as multiple students could be using the same IP address if sharing something like a WiFi connection at a campus or public location.
However, you can make it a little more difficult.
1.) Enable the "Limit concurrent logins" setting. You can find this in Site Administration > Plugins > Authentication > Manage Authentication.
2.) Try this plugin. It will cache login information for a student when accessing a quiz and prevent another computer from logging in to the same account from continuing that same quiz.
3.) Use some sort of single-sign-on service which you can connect with Moodle via a SAML2 plugin like this one. Look for a service that provides the specific functionality you're asking for.
4.) Use multi-factor authentication. You can combine this with option #3 above or look for a plugin supported by your current version of Moodle. Lambda Solutions appears to have a commercial product for this. There is also an older plugin on Moodle's site that you could get a developer to update for you.

Does whatsapp store password?? Or are their Sockets always open?

I am trying to figure out how to auto-reconnect a ejabberd socket connection. Like whatsapp, Facebookmessenger etc
For example, when the app is closed, and i receive a push notification to wake the app up and that calls to connect the connection, or if i put the app to the background for an hour, and the connection has been idle too long and get disconnected,then i put the app back to the foreground.
I can only think of 2 ways to automatically connect to the ejabberd server.
1.) To have the JID and Password stored(but this is not good for safety reason)
2.) To have the ejabberd idle connection set to never disconnect a connection(But this uses quite a lot of resources)
Is there any other possibility to automatically re-connect a user to the server?
You cannot stay connected all the time on mobile. This is the case today on iOS and is going to be the same on Android with Android Marshmallow.
So, you need to authenticate and store some form of credentials. It does not have to be a password. If you have a custom auth module in ejabberd for example, it can be a token.
Please, note that you can also store sensitive data encrypted on mobile. Both Apple and Google provide a keychain API that is design to protect the credential. It is not accessible in cleartext from a backup for example.

Correcting Gmail's "sign-in attempt blocked"

I need my application to be able to log on to Gmail and send email on behalf of the user. The user supplies credentials. However, when I do so I get this message from Gmail:
Subject: Google Account: sign-in attempt blocked
Hi Jessica,
We recently blocked a sign-in attempt to your Google Account [...].
...
If this was you you can switch to an app made by Google such as Gmail
to access your account (recommended) or change your settings at
https://www.google.com/settings/security/lesssecureapps so that your
account is no longer protected by modern security standards.
I would like my app to "protect users by modern security standards" but nowhere do I find any data on what "modern security standards" means in this context. The app uses SSL, user name and password.
The app works if you do click the link, but I really don't want my users to have to click the "lesssecureapps" link, though if that is the only option, so be it. But I'd rather modify my app to be compliant with what Gmail needs. However, nowhere does it say what I am missing.
Any help please? I want to do the right thing.

How can I automatically login to Hotspots service?

I'm working on an app which logs automatically in to a hotspot service (Fon Hotspots).
The service I want to uses is a unprotected WiFi-connection which asks a login and password in the first screen you open.
I want to let the app do it automatically so you don't need to do it each time by yourself.
So you need to enter before your login and password in the app and save it.
Can someone tell me which functions I need to use and how it works?
It is my understanding that the iPhone takes care of network connections for you. I think you just need to test to see if the device is connected to a network and then do whatever you need to do.

How can I avoid google mail server asking me to log in via browser?

I am trying to send emails from Django using an email configured by Google Apps, my configuration at the settings.py file looks something like this:
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'contact#mydomain.com'
EMAIL_HOST_PASSWORD = 'password'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
When I try to send an email using:
from django.core.mail import send_mail
send_mail("Happy new year", "We wish you the best for 3001",
"contact#mydomain.com", ["someuser#gmail.com"])
I get the following error:
SMTPAuthenticationError:
(535, '5.7.1 Please log in with your web browser and then try again.
Learn more at
5.7.1 https://support.google.com/mail/bin/answer.py?answer=78754 k2sm758604obl.14')
Since I'm working on a remote server with no graphical user interface, I cannot even try to login from the browser.
Just go to
https://accounts.google.com/DisplayUnlockCaptcha
and click "continue". This is going to allow access from other servers.
I've been messing with this for a couple of hours within a cucumber/capybara/selenium test - discovered something stupid which will fix this error for good, guaranteed
The all too familiar error:
Please log in via your web browser: https://support.google.com/mail/accounts/answer/78754 (Failure) (Net::IMAP::NoResponseError)
As it turns out, there are TWO "Allow Less Secure Apps" toggles which need to be changed to allow logins from unknown devices/IMAP.
One here: https://myaccount.google.com/security?pli=1#connectedapps (bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
BOTH OF THESE GODFORSAKEN TOGGLES need to be changed to get rid of this error message.
edit: from user Milothicus (https://stackoverflow.com/users/3538026/milothicus): in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
When I tried to access my account I was sent this email consisting of this link.
https://www.google.com/settings/security/lesssecureapps
You can turn-on then possibly turn-off after you've done testing.
I got the following response from Google Apps support:
You need to turn on your Outbound relay. To do this:
Log into your account at google.com/a/yourdomain.com
Click the Settings tab and then select Email in the left column.
In the Outbound relay section, select Allow users to send mail through an external SMTP when configuring a "from" address hosted
outside your domain.
Click Save changes.
They also provided a help link: http://support.google.com/a/bin/answer.py?hl=en&answer=176054
After turning on Outbound relay and using the proxy to login to the webmail one more time (thanks to #DaniloBargen and #joshcartme) the issue was resolved. I've read the link explaining what the Outbound relay is and I'm not really sure why would I need it (I don't believe I'm using an external SMTP server).
Since I'm not really sure this is what solved the issue I won't mark the response as accepted until I get some confirmation.
Set up an ssh tunnel to the server in question so that you could, from your home computer, log in to the gmail web client using the server's IP. You probably need to tunnel port 80 and port 443, maybe just 443. After logging in through the web client the problem should go away according to knowledge base article listed in the SMTPAuthenticationError.
Here's an example of how to set up the tunnel:
http://www.noah.org/wiki/SSH_tunnel#simple_port_forwarding_.28SSH_tunneling.29
Option #1 (this worked for me):
After getting the error Please log in with your web browser and then try again. Learn more etc. when trying to send email from my web application, I logged in to the email via browser from my local computer.
After I logged in, there was a yellow notification bar on top which asking me if I want to allow external application access my mail. I confirmed this and Google asked me to log in to the account from the application within the next 10 mins. This will white-list the application.
Option #2:
If Option #1doesn't work for you, try this: http://www.rocketideas.com/2012/05/gmail-error-password-not-accepted-from-server-solved/
etusm provided two locations to turn on less secure apps:
One here: https://myaccount.google.com/security?pli=1#connectedapps
(bottom of the page)
And one here: https://www.google.com/settings/security/lesssecureapps
both were turned on, but my headless server still couldn't send me an email. based on JohnPang's google+ recommendation, i found a third location where i had to allow access to less secure apps:
in myaccount.google.com, under 'Sign-in & Security', select 'Connected apps & sites'. this also has an option to 'Allow less secure apps'. after turning this one on, my server could now send me an automated email.
I found the solution at: https://support.google.com/accounts/answer/185833?hl=en and finally https://security.google.com/settings/security/apppasswords
If you are testing your project on a local machine, you should go to the latter link, and enable "Access for less secure apps".
Do you have two factor authentication enabled for the apps account ? Then you might need to use an application specific password for that application.
All of the above doesn't help in my case (weird). But this link might help you:
https://security.google.com/settings/security/activity
You can access it via Google Plus
Open Google+
Select "Security" from the top
Under "Recent activity" click "View all events"
You will see a list of "Unusual Activity"
It shows "Application / device sign-in attempt (prevented) Singapore" as I'm using AWS from Singapore
Click on "Change" > "Yes, that was me!"
Retry again. Done!
As of now (look at my post date) there is only one "Allow less secure apps" toggle in the Gmail account admin UI:
https://myaccount.google.com/u/0/security#connectedapps
It'll work from your local computer (Mac or PC) after that.
To allow access from Amazon EC2 (and I suspect other Cloud-located hosts), there is yet another flag to set in Google's never ending battle with spammers:
https://accounts.google.com/b/0/DisplayUnlockCaptcha
Recently, I have found that this issue can be resolved by confirming that the activity has originated from a request I initiated, by visiting Google Account
I had to confirm, under Security Events, that the suspicious activity was in-fact me, even though the originating server from where the request came from was cloud hosted, and therefore over 1000 km away. After clicking this step, and setting less secure apps, I was able to use getmail to retrieve my mail, over ssl using either imap or pop.
Just want to highlight Danilo Bargen's comment:
An easier way to connect to the other network using tunnels is to use a dynamic tunnel (ssh -D 6789 remotehost) and then to set localhost:6789 as SOCKS5-Proxy in Firefox. Then you are basically in the remote network with your browser and localhost is the remote host
Also I want to add that SOCKS Proxy method also works with Chrome. As a result you can log in with your local web browser as if you are on a server.
change your settings at https://www.google.com/settings/security/lesssecureapps so that your account is no longer protected by modern security standards.
This is occuring due to some apps are marked as less secure apps by google. So to use those apps, you need to give access for those apps. to do that follow http://www.codematrics.com/your-imap-server-wants-to-alert-you-to-the-following-please-login-via-your-web-browser-gmail/
Hope this will solve your issue.
In my case, when i tried to login to the google account via web, it asked me for a captcha. I entered the captcha and then the automation worked.