Wednesday 26 March 2014

Asterisk PIN based dialing

10:31 Posted by Jurgens Krause , No comments

As an Asterisk administrator, I often have clients requesting the ability to have users enter a PIN before dialing. This is useful on factory floors where users roam between different phones, but still need to be held accountable for their calls. Apart from just authenticating the user, the dialplan also has to ensure that the account code is correctly assigned in the CDR.
To this end Asterisk provides the AUTHENTICATE dialplan application.


Authenticate has many different options that makes it very versatile, but what I have found most useful is to use the file function. This allows you to create a file with account codes and MD5 password hashes.
The file needs to be structured as follows:

accountcode:passwordmd5

When using the file mode, the account code will be written into the CDR logs. For example:
vim /etc/asterisk/pins.conf
You may use a different file/location
500:8c8a58fa97c205ff222de3685497742c
501:c460dc0f18fc309ac07306a4a55d2fd6
502:d91caca74114d81fdfc578fca82f8d72
503:c0a271bc0ecb776a094786474322cb82
504:889091ff744069cab08dc605d162a8d3
504:eae31887c8969d1bde123982d3d43cd2
To create the MD5 hashes, you can run the following command
echo -n 4865 | md5sum
You can substitute 4865 for any pin of your choosing, this line will output an MD5 hash which you can use in the pins.conf file:
d91caca74114d81fdfc578fca82f8d72


Again for illustrative purposes, I will keep the dialplan simple.
[outgoing]
exten => _XXX.,1,NoOp(Going Out)
same  => n,NoOp(You have to authenticate)
same  => n,Authenticate(/etc/asterisk/pins.conf,m,4)
same  => n,NoOp(user has been authenticated)
same => n,Dial(SIP/${upstream}/${EXTEN})
same => n,HangUp()

The first line matches all numbers with more than three digits, and reports to the console "Going Out"
The second line is simply for debugging
The third line is the magic one:
It calls the AUTHENTICATE dialplan application with a filename as the first argument.
The second argument "m", specifies that it should do a file lookup.
The last argument sets the pin length to 4 digits, thus the user does not need to end input with a "#"

That's it, Asterisk takes care of the prompts, lookups and writing the correct information into the Database.

0 comments:

Post a Comment