diff options
| author | est31 <MTest31@outlook.com> | 2016-05-30 23:27:48 +1000 |
|---|---|---|
| committer | Craig Robbins <kde.psych@gmail.com> | 2016-05-30 23:28:08 +1000 |
| commit | 27db92925261ed6646d0a1c0512711ab3aeb5fb8 (patch) | |
| tree | 3e104d027f0d1c25d49c02d5845591ab225dd6bd /doc | |
| parent | 4134d8ad13c371820a485a9752b1197a8d7007f3 (diff) | |
| download | minetest-27db92925261ed6646d0a1c0512711ab3aeb5fb8.tar.gz minetest-27db92925261ed6646d0a1c0512711ab3aeb5fb8.tar.bz2 minetest-27db92925261ed6646d0a1c0512711ab3aeb5fb8.zip | |
Add minetest.check_password_entry callback
Gives a convenient way to check a player's password.
This entirely bypasses the SRP protocol, so should be used
with great care.
This function is not intended to be used
in-game, but solely by external protocols, where no
authentication of the minetest engine is provided, and
also only for protocols, in which the user already gives the
server the plaintext password.
Examples for good use are the classical http form, or irc,
an example for a bad use is a password change dialog inside
formspec.
Users should be aware that they lose the advantages of the SRP
protocol if they enter their passwords for servers outside the
normal entry box, like in in-game formspec menus,
or through irc /msg s,
This patch also fixes an auth.h mistake which has mixed up the
order of params inside the decode_srp_verifier_and_salt function.
Zeno-: Added errorstream message for invalid format when I committed
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/lua_api.txt | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/lua_api.txt b/doc/lua_api.txt index 03f2dad32..82a0acbee 100644 --- a/doc/lua_api.txt +++ b/doc/lua_api.txt @@ -1951,12 +1951,21 @@ Call these functions only at load time! * `minetest.notify_authentication_modified(name)` * Should be called by the authentication handler if privileges changes. * To report everybody, set `name=nil`. +* `minetest.check_password_entry(name, entry, password)` + * Returns true if the "db entry" for a player with name matches given + * password, false otherwise. + * The "db entry" is the usually player-individual value that is derived + * from the player's chosen password and stored on the server in order to allow + * authentication whenever the player desires to log in. + * Only use this function for making it possible to log in via the password from + * via protocols like IRC, other uses for inside the game are frowned upon. * `minetest.get_password_hash(name, raw_password)` * Convert a name-password pair to a password hash that Minetest can use. * The returned value alone is not a good basis for password checks based * on comparing the password hash in the database with the password hash * from the function, with an externally provided password, as the hash * in the db might use the new SRP verifier format. + * For this purpose, use minetest.check_password_entry instead. * `minetest.string_to_privs(str)`: returns `{priv1=true,...}` * `minetest.privs_to_string(privs)`: returns `"priv1,priv2,..."` * Convert between two privilege representations |