init

app.js

-const radius = require('radius');
 const dgram = require('dgram');
+const radius = require('radius');
 
-const secret = 'secret'; // Replace with your shared secret
-const port = 1812; // Default RADIUS authentication port
+const RADIUS_PORT = 1812; // Default RADIUS authentication port
+const RADIUS_SECRET = 'secret';
 
 const server = dgram.createSocket('udp4');
 
 server.on('message', (msg, rinfo) => {
-    const packet = radius.decode({ packet: msg, secret });
-console.log(packet)
+    try {
+        const packet = radius.decode({ packet: msg, secret: RADIUS_SECRET });
+
+        // Log the client's IP address
+        console.log(`Received RADIUS packet from ${rinfo.address}:${rinfo.port}`);
+
         if (packet.code !== 'Access-Request') {
-        console.error('Invalid packet type: ' + packet.code);
+            console.log(`Unknown packet type: ${packet.code}`);
             return;
         }
 
         const username = packet.attributes['User-Name'];
-    const password = packet.attributes['User-Password'];
 
-    console.log('Received access request from:', username);
+        // Decrypt the password
+        const encryptedPassword = packet.attributes['User-Password'];
+        const password = radius.decrypt({ packet: packet, secret: RADIUS_SECRET, attribute: encryptedPassword });
 
-    // Perform your user authentication logic here
+        console.log(`Username: ${username}, Password: ${password}`);
+
+        // Implement your authentication logic here
         const isAuthenticated = authenticateUser(username, password);
 
-    let response;
-    if (isAuthenticated) {
-        response = radius.encode_response({
-            packet,
-            code: 'Access-Accept',
-            secret,
+        const response = isAuthenticated ? 'Access-Accept' : 'Access-Reject';
+        const responsePacket = radius.encode_response({
+            packet: packet,
+            code: response,
+            secret: RADIUS_SECRET,
         });
-        console.log('Access granted for:', username);
-    } else {
-        response = radius.encode_response({
-            packet,
-            code: 'Access-Reject',
-            secret,
+
+        server.send(responsePacket, 0, responsePacket.length, rinfo.port, rinfo.address, (err, bytes) => {
+            if (err) {
+                console.error('Error sending response:', err);
+            }
         });
-        console.log('Access denied for:', username);
+    } catch (err) {
+        console.error('Error decoding RADIUS packet:', err);
     }
-
-    server.send(response, 0, response.length, rinfo.port, rinfo.address);
 });
 
 server.on('listening', () => {
     const address = server.address();
-    console.log('RADIUS server listening on port', address.port);
+    console.log(`RADIUS server listening on ${address.address}:${address.port}`);
 });
 
-server.bind(port);
+server.bind(RADIUS_PORT);
 
 function authenticateUser(username, password) {
-    console.log(username,password)
-    // Replace this function with your actual authentication logic
-    return username === 'ali' && password === 'ali';
+    // Replace this with your authentication logic (e.g., checking against a database)
+    return username === 'ali' && password === 'ahmad';
 }