
Voucher Lifecycle

A WiFi voucher is a time-bound set of credentials (username + password) that grants a visitor access to the guest WiFi network. Vouchers are managed automatically — they're created at check-in and revoked at check-out or expiry.

Lifecycle stages

1. Creation (at check-in)

When a visitor is checked in (via dashboard or kiosk), the server:

  1. Generates a unique username and random password.
  2. Calculates the TTL (time-to-live) based on the visit's expected departure time.
  3. Stores the voucher in the database (linked to the visit record).
  4. Pushes the voucher to the Atrium Agent via WebSocket (voucher.create command).

The Agent adds the voucher to its in-memory RADIUS store. From this moment, the credentials can authenticate on the guest WiFi.

2. Active

While active, the voucher:

  • Accepts RADIUS authentication requests matching the username and password.
  • Is visible in the visit detail view on the dashboard (credentials displayed with validity period).
  • Has a remaining TTL that counts down toward the visit's expected departure.

3. Revocation (at check-out or expiry)

When a visit ends:

  1. The server marks the voucher as revoked (revoked_at timestamp set).
  2. A voucher.revoke command is sent to the Agent.
  3. The Agent removes the voucher from its RADIUS store — new authentication attempts are rejected immediately.
  4. The Agent sends a session termination command to the firewall to disconnect any active sessions.

4. Cleanup

The Agent periodically cleans up expired vouchers from its in-memory store (every 5 minutes). This catches vouchers whose TTL has expired naturally, as a fallback if the explicit revocation didn't arrive (e.g., due to a WebSocket disconnection).

Reconciliation

If the Agent restarts or reconnects after a disconnection, it receives a full reconciliation of all active vouchers from the server. This ensures the Agent's RADIUS store is always consistent with the server's state.

The reconciliation sends all non-revoked, non-expired vouchers for the Agent's site. Vouchers that were revoked while the Agent was disconnected are simply not included — the Agent starts with a clean, correct state.
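The Agent-side store behaviour described in the lifecycle and reconciliation sections, written out as an added example (this is not Atrium's own code). The class, method names and tuple layout are hypothetical; checking expiry at authentication time and comparing passwords in constant time are choices of this example, not behaviour the page documents.

```python
import hmac
import time


class VoucherStore:
    """Hypothetical in-memory voucher store following the lifecycle above."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable clock so expiry can be tested
        self._vouchers = {}      # username -> (password, expires_at)

    def create(self, username, password, ttl_seconds):
        # Corresponds to a voucher.create command from the server.
        self._vouchers[username] = (password, self._clock() + ttl_seconds)

    def revoke(self, username):
        # Corresponds to voucher.revoke. Idempotent: a repeated or late
        # revoke for an unknown voucher is not an error.
        self._vouchers.pop(username, None)

    def authenticate(self, username, password):
        entry = self._vouchers.get(username)
        if entry is None:
            return False
        stored, expires_at = entry
        # Assumption of this example: reject on expiry here as well, so a
        # voucher past its TTL fails even before the periodic cleanup runs.
        if self._clock() >= expires_at:
            return False
        # Constant-time comparison of the cleartext credentials.
        return hmac.compare_digest(stored.encode(), password.encode())

    def cleanup(self):
        # Periodic fallback pass (every 5 minutes on the page).
        now = self._clock()
        expired = [u for u, (_, exp) in self._vouchers.items() if now >= exp]
        for username in expired:
            del self._vouchers[username]
        return len(expired)

    def reconcile(self, active):
        # Replace local state with the server's list instead of merging:
        # vouchers revoked while disconnected are absent from the list,
        # so they disappear here without needing a revoke command.
        now = self._clock()
        self._vouchers = {u: (p, exp) for u, p, exp in active if exp > now}
```

The replace-not-merge step in `reconcile` is what makes a missed revoke harmless: anything the server no longer lists stops authenticating as soon as the snapshot is applied.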

Credentials format

  • Username: Auto-generated, unique per voucher.
  • Password: Randomly generated.
  • Storage: Credentials are stored in cleartext in the database. This is intentional — the kiosk needs to display them to the visitor, and the RADIUS server needs to verify them. Voucher credentials are short-lived and not reused.

Viewing voucher status

Voucher status is visible in the visit detail view on the dashboard:

  • Active vouchers show the username, password (copyable), and "valid until" timestamp.
  • Revoked vouchers show the revocation timestamp.