Open abcbarryn opened 1 week ago
Unless you really need to use an external program, Anope has a built-in webcpanel that allows you to register nicknames and manage accounts, channels, etc.
On Anope 2.0 you need to build webcpanel with ./extras
on the source folder. With Anope 2.1, it is built by default.
You could take a look at it and see if it fits your needs.
I do eventually really need to use an external program because I want to link the user account to info in another database, but I will look at the webpanel and see if it can at least be used as a stop gap.
Hmmm, I don't see webpanel listed in extras. I am running Anope 2.0.16...
$ ./extras
CMakeFiles = wrong hardlink target (65025:2124835)
m_ldap.cpp = disabled
m_ldap_authentication.cpp = disabled
m_ldap_oper.cpp = disabled
m_mysql.cpp = enabled
m_regex_pcre.cpp = disabled
m_regex_pcre2.cpp = disabled
m_regex_posix.cpp = disabled
m_regex_tre.cpp = disabled
m_sql_authentication.cpp = disabled
m_sql_log.cpp = disabled
m_sql_oper.cpp = disabled
m_sqlite.cpp = disabled
m_ssl_gnutls.cpp = enabled
m_ssl_openssl.cpp = disabled
stats = disabled
Please enter the name of the module or type 'q' to quit.: q
If you are moving towards a centralized account system that will span multiple services, it may be worth considering LDAP in the future.
I got the Webcpanel working, although I am having isseues getting it to use TLS. It doesn't really fit what I need also. I could write something but I would need to be able to have it hash the password. Anope doesn't seem to be using a simple sha256 hash with a salt.
The way the password strings look depends on the choice of the primary "encryption" module. You can see how the format works by looking at the "OnEncrypt" function in the module file for whatever method you have chosen.
I am looking at sha256.
I found this in the source code:
password format:
Looking at the hashed password, that looks like hex encoding, not base 64...?
If in the config I have something like this:
module { name = "enc_sha256" }
module { name = "enc_none" }
With sha256 listed first as shown, the configuration documentation says:
If you want to authenticate against an external SQL database you should probably use the sql_authentication module rather than messing around with Anope's database.
But Anope's NickServ already has a database, why not improve the registration process?
I'm not sure what benefit it has? Anope has options for authenticating an external service against Anope (xmlrpc) and using an external service for authenticating against Anope (sql_authentication). It doesn't seem like a widely useful feature to maintain two databases.
Maintaining two databases is exactly what I am trying to avoid. The NickServ database is required in order to have registered nicks, why setup another database just to authenticate nicks when the NickServ already has a database that does that? Plus the NickServ is (or at least was) clunky and required the users to confirm their email by typing text commands to IRC, I fised that so that now users get an email with a link that they can click to conform their email. All I need is better documentation on the sha256 password hash method and I could easily create a program to register and maintain nicks in an external program. This would allow integration with other systems that require users to register, like blogs, company logins, etc...
The Web CPanel is good, but it's not easily extendable and the handling of email confirmations leaves much to be desired.
This is what a confirmation email for my system looks like now because of an external program I wrote...
From [services@amobiledevice.com]
Hi,
You have requested to register the nickname nick on AMobile IRC.
Please go to https://www.amobiledevice.com/confirm.php?name=nick&code=codehere
or type " /msg NickServ CONFIRM codehere " to complete the registration
If you don't know why this mail was sent to you, please ignore it silently.
AMobile IRC administrators.
As opposed to this:
From [services@amobiledevice.com]
Hi,
You have requested to register the nickname nick on AMobile IRC.
Please type " /msg NickServ CONFIRM codehere " to complete the registration
If you don't know why this mail was sent to you, please ignore it silently.
AMobile IRC administrators.
It sounds like what you want is the xmlrpc module? You can create and authenticate a user using that.
Description I would like to be able to register a nick and set the password in an external program by adding a row to the MySQL DB table. What is the easiest way the duplicate Anope's password hashing algorithm?
Why this would be useful I could have users register nicks by filling out a user-friendly web registration form.