WiFi Hotspot & Captive Portal

../_images/openwisp-wifi-hotspot-demo.png

OpenWISP is widely used as an open source software solution for WiFi Hotspot Management in Public Wi-Fi settings.

In this tutorial, we’ll explain some technical details of the most common WiFi Hotspot deployments and how to test the most important functionalities of this use case on the OpenWISP Demo System.

Firmware Requirements for Hotspot Authentication

../_images/openwrt-coova-chilli-firmware.png

The OpenWrt firmware image provided for the OpenWISP Demo System includes a captive portal package called Coova-Chilli, which supports the RADIUS protocol, a standard protocol used for AAA (Accounting, Authorization and Authentication). This means it’s a way of authenticating, authorizing, and rate-limiting network usage supported by a lot of networking hardware and software.

Enable Captive Portal Template

../_images/captive-portal-demo.png

If you flashed the OpenWrt based firmware and registered your device as explained in the OpenWISP Demo Page, proceed to assign the captive portal template to your device:

  • Go to the device list.

  • Open the device details.

  • Click on the configuration tab.

  • Select the “Captive Portal Demo” template.

  • Hit “Save”.

Make sure the OpenVPN management tunnel is working or otherwise the captive portal software will not be able to talk to the demo FreeRADIUS server instance.

Shortly after the configuration is applied successfully, the Public WiFi SSID will be broadcasted by the access point.

Accessing the Public WiFI Hotspot

Connect your laptop or phone to the SSID “OpenWISP Public WiFi Demo”. If everything is working correctly, your operating system should open a browser window showing the captive page as shown in the screenshot above.

../_images/wifi-login-pages-public-wifi-hotspot.jpeg

At this point, try to sign in using the same credentials you used to access the demo system (demo/tester123).

Note

Trying to surf the internet without authenticating will not work.

Once you’ve logged in, you’ll see a status page as shown in the following screenshot:

../_images/hotspot-status.jpeg

This page communicates that the user can now use the internet provided by the hotspot, it also provides the following features:

  • It shows a list of the user’s sessions, including the start time, stop time, duration, traffic consumed (download and upload), and the MAC address of the device that accessed the WiFi service.

  • It allows to change the account password and phone number (if SMS verification is enabled, which is not the case for the demo system).

  • It allows to close the session and log out (more on why this is useful below).

On some mobile operating systems, the mini-browser automatically closes when switching windows (e.g., opening the real browser to surf the internet), which can be problematic if the user needs to use one of the features of the status page listed above.

../_images/public-wifi-session-started.jpeg

To alleviate this issue, OpenWISP will send an email to the user with a magic link with temporal validity that allows to access the status page of WiFi Login Pages without entering the credentials again, as shown in the image above.

Note

For more technical information and implementation details about the magic link feature, consult the openwisp-users documentation (which briefly provides more information about the underlying open source library used to implement this feature).

If you’re using the demo account, the email will be sent to the email address of the demo account. Therefore, if you want to try this feature, you’ll have to sign up for your own account or use the social login feature (scroll below to find out more information).

Logging Out

../_images/hotspot-logout.gif

Most WiFi hotspot services have limitations in place that do not allow users to browse indefinitely.

Some services only allow surfing for a limited amount of time per day, while others limit the amount of data you can consume. Some services use a combination of both methods (when either the daily time or data limit is reached, the session is closed).

Therefore, users who plan to use the service again later on the same day, should log out to avoid consuming their daily time and/or data.

Session Limits

../_images/session-limit-exceeded.jpeg

The default session limits in the OpenWISP RADIUS configuration are 300 MB of daily traffic or 3 hours of daily surfing.

Note

To find out more technical information about this topic please read: OpenWISP RADIUS - Enforcing session limits.

Automatic Captive Portal Login

The WiFi Login Pages application. allows those users who have logged in previously and who use a browser which supports cookies (not all mini-browsers that are used for captive portal logins do), to automatically log in without entering their credentials again.

The video below demonstrates this feature:

Sign Up

../_images/signup.png

To sign up for the WiFi hotspot demo, select the free plan and enter dummy data (this data is deleted every day). However, it is recommended that you enter a real email address so that you can test features that require receiving emails, such as email confirmation, password reset, and the “WiFi session started” notification.

Note

The sign up process uses the OpenWISP RADIUS REST API under the hood.

Social Login

../_images/social-login.png

Another way to sign up for a free WiFi hotspot account is to use social login. Simply click on one of the social login buttons to initiate the process.

Please note that your personal data is stored for less than 24 hours, as the demo system is reset every day.

Note

For more technical information about social login, please read OpenWISP RADIUS - Social Login