Hello, I am new here and I am just wondering if anyone has an open source (or proprietary if you’re willing to share) PHP customer portal framework already written that allows customers to change their wifi name/password via the API? I was planning on writing my own but I don’t know where to start. I am running GenieACS drumsergio docker image on Ubuntu. Thanks!
I’ve written this, but because its owned by my employer I’m unable to share. I’m happy to answer any questions you might have though.
One of the biggest pieces of advice I can give you is don’t use the TR069 data model as your canonical data model. For example, I store customer wifi settings (with the password encrypted at rest of course) in json format in a table that looks similar to this: subscriber id, area (varchar), key (varchar), value (json). The advantage of this setup is I was able to easily add support for 5.8ghz wifi.
So a sample data structure looks like this:
When I send the data from our SMS to the ACS is when I map it to the TR069 data model. To do that, I built a mapping file for each CPE model. The mapping looks like this:
Zyxel CPE:
Base config:
A particular CPE is composed of 1 to many mapping files, all layered on top of each other. So the base_config.json file has general things that every CPE we support has. Then for specific models, I can override the key map. A good example of this is older generation SmartRG CPEs supported AutoChannelEnable for wifi, but used the X_SMARTRG_COM_AutoChannelEnable naming, where as the Zyxel models used AutoChannelEnable. So the map layer for some of our CPEs looks like this:
While this might sound complicated on the surface (and even under the covers), going with this approach has allowed me to support multiple different CPE models with different layers of screwed up data models without having to write custom code. It takes me about an hour to add support for a new CPE.
I used the Symfony framework. Our architecture is Customer Portal <----> Subscriber Management System <----> ACS this way our customer portal never talks directly to the ACS.
Thanks for the reply, very cool setup, and it does indeed look very complicated. I thought GenieACS would be more of a turnkey product, I will have to delve into this later when I have more time! Is there a particular reason you don’t want the portal communicating directly with the ACS API?
GenieACS is not a turnkey product. If you want that, you need to look at Affinegy, Calix Cloud, Adtran’s Clear Access, etc.
The first rule of the internet is never trust the user 
. So I have some validation in the customer portal, and a shit ton in our subscriber management system (as that code is also used by our internal users).
This design also means that our ACS is never ever exposed to our customers. Our subscriber management system acts as the DMZ. We put our customer facing portal on a much less trusted host.
I guess turnkey isn’t the word, just more like an appliance, rather than a framework, if you get my meaning.
That makes a lot of sense! Thanks for giving me a lot to think about, I appreciate it.