Armathentication

[delinquent]

I got some daft error with my website, can someone walk me through setting up auth? I tried the php script, but I get that reference to w3.org.

[AI-team]

I'm pretty sure we'd be able to help you fix your problem if you were to give a us a proper explanation of the error message.

[delinquent]

I get the following:

URL does not return supported methods, error 200, content "<!doctype html public "-//w3c//dtd html 4.01 frameset//en"
"http://www.w3.org/tr/html4/framset.dtd">"

I'm assuming that I've missed a step in adding auth. I put the auth folder in "public/armaauth/0.1", where "public" is the root of my phpbb install.

[Light]

What domain is being used with this?

[delinquent]

armaashes.tk, which redirects to vixencomputing.co.uk. Everything else works, feeds etc.

[AI-team]

edit: just noted that you already posted the URL. your redirect configuration is set up wrong

[Light]

this error indicates that there is a PHP error that nothing to do with the authentication itself. go to /public/armaauth/0.1/index.php and see what your browser has to say. it's probably going to show you the real error message and if not, make sure to give us the URL so we can figure out the problem

It looks more like he's getting HTML returned.

My guess seems to have been correct. It's not redirecting properly. Since you're on a shared web host, I'm not sure you can properly set up the .tk to point to it.

I'll test a few things out on dot.tk and see if you can.

// Edit
If you wanted to see what I mean, you can see what's happening if you go to http://armaashes.tk/armaauth/0.1/ in your browser. That's where the game is going to look if you give armaashes.tk as the authority.

[Light]

Maybe try pointing your .tk domain to: http://vixencomputing.co.uk/armaauth/0.1/

I'm trying to test this out on one of mine but they're so slow to updating it's driving me mad. Just do a check that it's requesting the methods or checking an auth in your script, and if not send them to your site with a header redirect.

O_o I see you stalking Duke!

// Edit
FFS .. I post and it finally updates. Anyways, that idea would work. Although, for me it comes up as WRONG_HOST because you have it set to only work with your .tk I assume. If you need any more help with it, feel free to post back.

[LOVER$BOY]

I wouldn't advice to use dot.tk since my vertrex.tk was removed from my domain controls without a reason. It's not the only domain, I lost all 6 of my other domains as well by dot.tk (no reasons as well)

Anyway what type of auth file are you using, del? Perhaps you could point us to that or something. I, on the other hand, am using a custom build php auth script now.

The "noob" script and "trunk" scripts kept me confused so fman (alpha project co-leader) created one. There were some issues on my host (mysqli) so I hacked it and modified so it suited my purposes and it works!

Located here if anyone would like to check it out:
my code:
(unreleased)

fman's code:
http://bazaar.launchpad.net/~armagetron ... work/files

In our LOVER$BOY's Hells Racing server I am using my custom shorthand feature (I newly added) and it works great!

Code: Select all

/login {username}@ap

CUSTOM_SHORTHAND_ENABLED 1
CUSTOM_SHORTHAND ap
CUSTOM_SHORTHAND_CONNECTION vertrex.vertrex.8ing.com

[delinquent]

I almost slapped myself when I was it. Dot.tk is something like a container, so no matter what one puts after "tk", it directs to the homepage.

[s]I'll just set up another url to forward to the auth folder. cheers![/s]

Scratch that. Doesn't want to work.

loversboy, can you show me that script that fman wrote?

[fman23]

A bit more information can be found on my GitHub in the README (at https://github.com/fkmclane/ArmaAuth). Basically, put those files in the /armaauth/0.1 and edit config.php to your forum's settings. phpBB also needs to be modified slightly to store the passwords in md5.

Settings for part of config.php for phpBB:

Code: Select all

//Table containing login information
'table' => 'phpbb_users',

//Username column
'user_col' => 'username',

//Hash column, contains the md5 of the password after appending the prefixes and suffixes
'pass_prefix' => '',
'pass_suffix' => '',
'hash_col' => 'user_password',

//Role column, optionally contains the index of the user role (blank if disabled), it is designed to fit in with forums
'role_col' => 'group_id',

Make sure to edit the rest of the configuration to make sure it will properly connect to the database. Additionally, the script supports ranks/roles (the user@domain.com/rank thing). They integrate with the forums (reply back if you want more info on this) but you can disable those if you do not want them.

To modify phpBB to store passwords in md5:
Edit the phpbb_hash function in /includes/functions.php to be the following.

Code: Select all

function phpbb_hash($password)
{
  return md5($password);
}

[fman23]

Looking closer, your forwarding seems to be part of the problem. Possibly try forwarding requests to http://vixencomputing.co.uk/armaauth/0.1 if you do not plan to use armaashes.tk for accessing the forums, only for authentication. There is a large complication in authenticating like this though, because you are using 000webhost and so it relies on the DNS name to access the right website. You might be able to configure 000webhost to listen for armaashes.tk requests as well and then change your DNS entries in dot.tk to the same ones as your vixencomputing.co.uk. This method would be more proper than the first but I don't know if 000webhost will allow you to do that.

[delinquent]

I'm going to use vixencomputing.co.uk as the auth URL, there's too much hassle involved with setting up a DNS forwarder. Plus, I'm not paying for two hosts.

I'm most definitely interested in the ranking suffix, but first I'm going to get a shorthand auth if I can, such as !user@ashes.

lemme take a look, I have a huge mince pie sat in front of me before I even think about doing so


OK, I placed and edited the config and edited the phpbb config to md5, but now the server just returns USER_NOT_FOUND. I can clearly see my username in the database table...


Wait... my usernames appear to be in username_clean but not in username. Is this a problem, or just an odd way of doing things?

PS: Logins still return USER_NOT_FOUND

[fman23]

Turn the role_required config option off since you are not using it right now since it is most likely why it is saying USER_NOT_FOUND.

To use the role/rank feature, use the phpBB groups feature. This can be found in the settings and start creating groups and adding people to them. Go to the SQL table phpbb_groups and look at group_id to get the id's you need to use in the armathentication script. Go back to config.php and edit the roles entry by using the group_id on the left and the rank part of user@domain.com/rank on the right. Also the role_required option makes it required that a user has a rank listed in the config file before they can login. This is useful if your forum allows anyone to register, but you only want to authenticate trusted members of your forum.

For example, if you had two ranks, "admin" and "member", and they corresponded to group_id numbers 0 and 1 in phpbb_groups, use this:

Code: Select all

//A map of the roles from the database value (left) to the role (right)
'roles' => array(
  '0' => 'admin',
  '1' => 'member'
)

[delinquent]

So far, there are three groups (1, 6 and 9) in the sql table. Is it possible to manually add further groups, or should I be using another interface to add groups and then finding their corresponding references in the table?

Edit: Now, no matter if roles are enabled or disabled, Armagetron returns the following:

Edit2: my config.php as it stands - php attachments are disabled.

Code: Select all

<?php
$CONFIG = array(
	//MySQL host address, use localhost if unsure
	'host'		=> 'mysql10.000webhost.com',

	//Username for database
	'user'		=> 'a9816805_ashes',

	//Password for database
	'pass'		=> '[REDACTED]',

	//MySQL database to connect to
	'database'	=> 'a9816805_ashes',

	//Table containing login information
	'table'		=> 'phpbb_users',

	//Username column
	'user_col'	=> 'username',

	//Hash column, contains the md5 of the password after appending the prefixes and suffixes
	'pass_prefix'	=> '',
	'pass_suffix'	=> '',
	'hash_col'	=> 'user_password',

	//Role column, optionally contains the index of the user role (blank if disabled), it is designed to fit in with forums
	'role_col'	=> '',

	//If true, a person is only authenticated if they have a role (specified below)
	'role_required'	=> false,

	//A map of the roles from the database value (left) to the role (right)
	'roles'		=> array(
		'9'	=> 'Boss',
		'6'	=> 'Ash',
		'1'	=> 'NonMember'
	)
);
?>

One other thing: index.php reads as below, with the stars to highlight line 34 as per arma error. The stars are not in the original document. Should there be another opening bracket here?

Code: Select all

			else if($CONFIG['role_required'])
				respond('USER_NOT_FOUND', 404);
		}    ***************************************************

		if($hash === md5(pack('H*', $array[1]) . $salt))
			respond('PASSWORD_OK ' . iconv('UTF-8', 'ASCII//TRANSLIT', $array[0]) . '@' . $_SERVER['SERVER_NAME'] . $role, 200);
		else