anope / anope

Anope IRC Services
https://www.anope.org
313 stars 137 forks source link

Create nick database entry in external program. #437

Open abcbarryn opened 1 week ago

abcbarryn commented 1 week ago

Description I would like to be able to register a nick and set the password in an external program by adding a row to the MySQL DB table. What is the easiest way the duplicate Anope's password hashing algorithm?

Why this would be useful I could have users register nicks by filling out a user-friendly web registration form.

TehPeGaSuS commented 6 days ago

Unless you really need to use an external program, Anope has a built-in webcpanel that allows you to register nicknames and manage accounts, channels, etc.

On Anope 2.0 you need to build webcpanel with ./extras on the source folder. With Anope 2.1, it is built by default.

You could take a look at it and see if it fits your needs.

abcbarryn commented 6 days ago

I do eventually really need to use an external program because I want to link the user account to info in another database, but I will look at the webpanel and see if it can at least be used as a stop gap.

abcbarryn commented 6 days ago

Hmmm, I don't see webpanel listed in extras. I am running Anope 2.0.16...

$ ./extras
CMakeFiles                = wrong hardlink target (65025:2124835)
m_ldap.cpp                = disabled
m_ldap_authentication.cpp = disabled
m_ldap_oper.cpp           = disabled
m_mysql.cpp               = enabled
m_regex_pcre.cpp          = disabled
m_regex_pcre2.cpp         = disabled
m_regex_posix.cpp         = disabled
m_regex_tre.cpp           = disabled
m_sql_authentication.cpp  = disabled
m_sql_log.cpp             = disabled
m_sql_oper.cpp            = disabled
m_sqlite.cpp              = disabled
m_ssl_gnutls.cpp          = enabled
m_ssl_openssl.cpp         = disabled
stats                     = disabled

Please enter the name of the module or type 'q' to quit.: q
TehPeGaSuS commented 6 days ago

Right. I think it was made to build by default some versions ago (I've been using 2.1 since when it came out, almost). You'll probably only need to enable httpd, and webcapnel

Techman commented 6 days ago

If you are moving towards a centralized account system that will span multiple services, it may be worth considering LDAP in the future.

abcbarryn commented 6 days ago

I got the Webcpanel working, although I am having isseues getting it to use TLS. It doesn't really fit what I need also. I could write something but I would need to be able to have it hash the password. Anope doesn't seem to be using a simple sha256 hash with a salt.

Techman commented 5 days ago

The way the password strings look depends on the choice of the primary "encryption" module. You can see how the format works by looking at the "OnEncrypt" function in the module file for whatever method you have chosen.

abcbarryn commented 5 days ago

I am looking at sha256. I found this in the source code: password format: :: I am guessing that the iv_b64 is some sort of salt and is base 64 encoded, but I haven't been able to replicate the hashing yet. A function like UnrealIRC's mkpasswd would be nice to have. If Anope would support UnrealIRC's Argon2 hash, I could use that but from what I have seen so far it does not. :(

abcbarryn commented 5 days ago

Looking at the hashed password, that looks like hex encoding, not base 64...?

abcbarryn commented 5 days ago

If in the config I have something like this:

module { name = "enc_sha256" }
module { name = "enc_none" }

With sha256 listed first as shown, the configuration documentation says:

SadieCat commented 5 days ago

If you want to authenticate against an external SQL database you should probably use the sql_authentication module rather than messing around with Anope's database.

abcbarryn commented 3 days ago

But Anope's NickServ already has a database, why not improve the registration process?

SadieCat commented 3 days ago

I'm not sure what benefit it has? Anope has options for authenticating an external service against Anope (xmlrpc) and using an external service for authenticating against Anope (sql_authentication). It doesn't seem like a widely useful feature to maintain two databases.

abcbarryn commented 3 days ago

Maintaining two databases is exactly what I am trying to avoid. The NickServ database is required in order to have registered nicks, why setup another database just to authenticate nicks when the NickServ already has a database that does that? Plus the NickServ is (or at least was) clunky and required the users to confirm their email by typing text commands to IRC, I fised that so that now users get an email with a link that they can click to conform their email. All I need is better documentation on the sha256 password hash method and I could easily create a program to register and maintain nicks in an external program. This would allow integration with other systems that require users to register, like blogs, company logins, etc...

abcbarryn commented 3 days ago

The Web CPanel is good, but it's not easily extendable and the handling of email confirmations leaves much to be desired.

This is what a confirmation email for my system looks like now because of an external program I wrote...

From [services@amobiledevice.com]

Hi,

You have requested to register the nickname nick on AMobile IRC.
Please go to https://www.amobiledevice.com/confirm.php?name=nick&code=codehere
or type " /msg NickServ CONFIRM codehere " to complete the registration

If you don't know why this mail was sent to you, please ignore it silently.

AMobile IRC administrators.

As opposed to this:

From [services@amobiledevice.com]

Hi,

You have requested to register the nickname nick on AMobile IRC.
Please type " /msg NickServ CONFIRM codehere " to complete the registration

If you don't know why this mail was sent to you, please ignore it silently.

AMobile IRC administrators.
SadieCat commented 2 days ago

It sounds like what you want is the xmlrpc module? You can create and authenticate a user using that.

https://github.com/anope/anope/tree/2.0/docs/XMLRPC