| *** FastLizard4 is now away: AWAY from keyboard | 00:16 | |
| *** yuitimothy is now away: I've done some soul-searching and I still can't find it. | 01:07 | |
| *** _I_Died_Once <_I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has quit IRC (Ping timeout: 248 seconds) | 02:52 | |
| *** Cobra_Fast_ is now away: vacant | 05:34 | |
| *** Cobra_Fast_ is back | 05:34 | |
| *** Cobra_Fast_ is now away: vacant | 06:09 | |
| *** Cobra_Fast_ is back | 06:09 | |
| *** Sgeo <Sgeo!~Sgeo@user/sgeo> has quit IRC (Read error: Connection reset by peer) | 06:51 | |
| *** L4m3r_ <L4m3r_!~L4m3r@user/L4m3r> has joined #bzflag | 09:27 | |
| *** L4m3r <L4m3r!~L4m3r@user/L4m3r> has quit IRC (Ping timeout: 268 seconds) | 09:31 | |
| *** L4m3r_ is now known as L4m3r | 09:57 | |
| *** FastLizard4 is back | 11:10 | |
| *** I_Died_Once <I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has joined #bzflag | 11:36 | |
| *** FastLizard4 is now away: AWAY from keyboard | 11:38 | |
| *** FastLizard4 is now away: GONE - Screen Detached and Disconnected from IRC (I'm probably asleep, at work, or doing something in real life) | 11:57 | |
| *** _I_Died_Once <_I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has joined #bzflag | 15:06 | |
| *** I_Died_Once <I_Died_Once!~I_Died_On@c-73-184-170-223.hsd1.ga.comcast.net> has quit IRC (Ping timeout: 255 seconds) | 15:08 | |
| *** Sgeo <Sgeo!~Sgeo@user/sgeo> has joined #bzflag | 15:10 | |
| TimRiker | I think we should add a host:port field to the db. The server should send a nameport on ADD/CHECKTOKEN, so the list server can check. If the GETTOKEN request had a nameport for what server they planned to connect, then we can accept a CHECKTOKEN/ADD that shows a different client ip, but is from the the server they client said they were going to attach to. | 20:23 |
|---|---|---|
| TimRiker | If a LIST/GETTOKEN includes a nameport, then we store it. Else we clear it. | 20:24 |
| TimRiker | Then we accept a ADD/CHECKTOKEN if either the client IP matches, OR the nameport of the server matches what was in the GETTOKEN/LIST request. | 20:33 |
| TimRiker | "new" clients would always have a nameport that should match, but "old" clients would only be matching on IP. | 20:34 |
| blast007 | we already store the host:port in the database and the server already sends that | 21:14 |
| TimRiker | we do for ADD, but we don't for LIST/GETTOKEN. I'm talking about the client requesting a token that is tied to the server they are about to join. | 21:25 |
| TimRiker | the _user table has tokendate, tokenip and token. I'm proposing adding token_nameport. Then the user would request a token just prior to joining a server, and only that target server can validate the token as it's ADD would match the user token_nameport field. | 21:28 |
| TimRiker | user says: I want to token to join example.bzflag.org:5154. bzfls saves the nameport. example says: validate user1 from <random ip>, bzfls sees that the IP does not match, however, the nameport does match, so the token is ok. | 21:29 |
| blast007 | yep, that was the the plan | 21:39 |
| blast007 | https://cs.bzexcess.com/docs/v1/#/Game%20Tokens/createUserGameToken the publicID is the user's UUID (which maybe isn't necessary or useful, since the request has to be authenticated anyway) and the POST body contains the hostname and port | 21:46 |
| TimRiker | I'm going to add a nameport varchar(60) to my user table and add code to start looking at that. how/when can do we make that schema change on prod? | 21:46 |
| blast007 | https://cs.bzexcess.com/docs/v1/#/Game%20Tokens/getServerGameToken and then the game server consumes the token with this | 21:46 |
| blast007 | we aren't going to | 21:47 |
| blast007 | the IPv6 list will be an entirely new system | 21:47 |
| TimRiker | so all forums users will need to re-register? | 21:49 |
| blast007 | no | 21:50 |
| blast007 | new system as in not the existing bzfls.php stuff | 21:50 |
| blast007 | it'll use the Symfony PHP framework | 21:50 |
| blast007 | it will provide the old style bzfls.php-like interface for legacy servers and a new REST API for newer servers | 21:51 |
| blast007 | (it will flip behaviour depending on which hostname is used to access it) | 21:51 |
| blast007 | I haven't 100% decided how to integrate with the forum data yet | 21:52 |
| blast007 | I have a phpBB plugin that provides a basic REST API for user management/login that it could tie into | 21:52 |
| TimRiker | friends is the same as the phpBB friends? what about foes? | 21:53 |
| blast007 | no, not phpBB friends | 21:53 |
| blast007 | IIRC foes in the forum hide peoples posts | 21:53 |
| TimRiker | so users need to maintain a separate list of friends ingame from the list they may already have on the forum? | 21:53 |
| TimRiker | yes, I think foes hides posts. similar to hiding in-game chat from a given user. | 21:54 |
| blast007 | another possible login integration would be making an oauth plugin for phpBB. I don't know if there's a good way to associate an external account and an internal account in case details like the email or name change. | 21:57 |
| TimRiker | If they are different databases, then one needs to be the master, and the other syncs all changes. | 21:59 |
| TimRiker | I didn't want to recreate all that, so I used phpBB as the master. | 21:59 |
| blast007 | at the very least, I want to stop using phpBB as a group manager | 22:01 |
| TimRiker | meaning you want to maintain groups both in phpbb and someplace else? | 22:02 |
| blast007 | we don't really have many groups that are referenced in phpBB | 22:02 |
| blast007 | main one might be the league council | 22:02 |
| blast007 | so sure, the league maintains that one group in two place | 22:03 |
| TimRiker | or meaning that there will no longer be any groups in phpbb so no group specific forums? I don't think we have many there, and I don't know if any of them are active anyway. | 22:03 |
| TimRiker | We could add a hook that tracks the last reference to a group, and then expire unused groups. | 22:04 |
| blast007 | yeah, I was thinking of having something like that in the new system | 22:04 |
| blast007 | whenCreated and lastUsed | 22:04 |
| TimRiker | it's lame that the phpBB group admin page won't sort by column. That would be easy to add. | 22:04 |
| blast007 | we're really just abusing the hell out of the group system :) | 22:05 |
| blast007 | I think that's the last thing that requires modifications to the phpBB code as well | 22:05 |
| TimRiker | We just have no process that I am aware of to purge old unused groups. | 22:05 |
| blast007 | yeah | 22:06 |
| blast007 | the idea going forward is that there'd be an organization registration, and that organization could then own groups and server keys | 22:06 |
| TimRiker | The user view of groups is sorted, but the ACP view is not. | 22:06 |
| blast007 | (I want to make it possible for players to create/delete orgs and groups) | 22:07 |
| blast007 | and also add/remove group managers | 22:07 |
| TimRiker | so then we have old groups and old orgs? :) | 22:07 |
| blast007 | If we wanted to add the ability to purge stuff we could. But that wasn't ever my motivation for wanting to write the new system. | 22:08 |
| TimRiker | just hoping to avoid "we don't like the current system" "create a new system" "we don't like the new system", lather rinse, repeat. | 22:11 |
| TimRiker | https://cs.bzexcess.com/docs/v1/#/Game%20Tokens/getServerGameToken : The playerID parameter is only used... where PlayerIP is the field. Not sure which you mean. | 22:15 |
| blast007 | playerIP you mean? | 22:41 |
| blast007 | that would probably not be on the final API design. initially I was considering having a stub bzfls.php that just talked to this new REST API, but then later I realized I could make Symfony switch controllers based on the hostname | 22:42 |
| blast007 | s/controllers/routing/ | 22:42 |
| blast007 | re: the '"we don't like the current system" "create a new system" "we don't like the new system"' ... we've had the basically the same system for almost 20 years, so it's not something we do often :) | 22:44 |
| blast007 | PHP's ecosystem has changed a LOT since ~2005 | 22:45 |
| *** TD--Linux is now known as TD-Linux | 23:41 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!