Motivations and Goals

In this page we explain the goals of this project and the motivations that led us on this path.


The old version of OpenWISP (which we call OpenWISP 1) had a freeradius module which provided several interesting features:

  • user registration

  • account verification with several methods

  • user management

  • password reset

  • basic general statistics

  • basic user account page with user’s statistics

But it also had important problems:

  • it was not written with automated testing in mind, so there was a lot of code which the maintainers didn’t want to touch because of fear of breaking existing features

  • it was not written with an international user-base in mind, it contained a great deal of code which was specific to a single country (Italy)

  • it was hard to extend, even small changes required changing its core code

  • the user management code was implemented in a different way compared to other openwisp1 modules, which added a lot of maintenance overhead

  • it used outdated dependencies which over time became vulnerable and were hard to replace

  • it did not perform hashing of user passwords

  • the documentation did not explain how to properly install and configure the software

Similar problems were affecting other modules of OpenWISP 1, that’s why over time we got convinced the best thing was to start fresh using best practices since the start.

Project goals

The main aim of this project is to offer a web application and documentation that helps people from all over the world to implement a wifi network that can use freeradius to authenticate its users, either via captive portal authentication or WPA2 enterprise, BUT this doesn’t mean we want to lock the software to this use case: we want to keep the software generic enough so it can be useful to implement other use cases that are related to networking connectivity and network management; Just keep in mind our main aim if you plan to contribute to openwisp-radius please.

Other goals are listed below:

  • replace the user management system of OpenWISP 1 by providing a similar feature set

  • provide a web interface to manage a freeradius database

  • provide abstract models and admin classes that can be imported, extended and reused in third party apps

  • provide ways to extend the logic of openwisp-radius without changing its core

  • ensure the code is written with an international audience in mind

  • maintain a very good automated test suite

  • reuse the django user management logic which is very robust and stable

  • ensure passwords are hashed with strong algorithms and freeradius can authorize/authenticate using these hashes (that’s why we recommend using the rlm_rest freeradius module with the REST API of openwisp-radius)

  • integrate openwisp-radius with the rest of the openwisp2 ecosystem

  • provide good documentation on how to install the project, configure it with freeradius and use its most important features