fediauth/readme.md

68 lines
2.2 KiB
Markdown
Raw Normal View History

2023-01-28 11:04:14 +00:00
2023-09-27 10:57:15 +00:00
# FediAuth mod for minetest
2023-01-28 11:04:14 +00:00
2023-09-27 10:57:15 +00:00
2FA via Fediverse account, based on https://content.minetest.net/packages/mt-mods/otp/
2023-01-28 11:04:14 +00:00
2023-01-29 12:16:32 +00:00
# Overview
2023-09-27 10:57:15 +00:00
Lets Fediverse players use the `/fediauth_on` command to protect their account with a second factor.
2023-01-29 12:16:32 +00:00
2023-09-27 10:57:15 +00:00
Players that have the FediAuth enabled have to enter a verification code upon joining the game, the code will be sent to their account handle (@nick@example.com).
2023-01-29 12:16:32 +00:00
2023-09-27 10:57:15 +00:00
That mod requires add to `secure.http_mods = fediauth` for sending codes from service account (any mastodon API compatible instance)
2023-01-29 12:16:32 +00:00
2023-09-27 10:57:15 +00:00
Add `fediauth.instance = example.com` and `fediauth.api_token` = secret` for work this mod.
Also you can enable fediauth.fedi_required option and players who not have fediverse account can't play on server
2023-01-29 12:16:32 +00:00
# Screenshots
2023-09-27 10:57:15 +00:00
FediAuth verification form
![](./screenshot1.jpg)
FediAuth Setup form
![](./screenshot2.jpg)
FediAuth checkmark if verified success
![](./screenshot3.jpg)
2023-01-29 12:16:32 +00:00
2023-02-02 13:25:16 +00:00
# Temporary privilege revocation
2023-09-27 10:57:15 +00:00
All of the privileges get revoked when logging in with the fediauth enabled (until the proper code is entered).
2023-02-02 13:25:16 +00:00
Some exceptions:
* `fly` (otherwise the player would literally fall from the sky)
* `noclip`
2023-09-27 10:57:15 +00:00
To disable revokation on custom privs the field `fediauth_keep` can be set to true on the definition:
2023-02-02 13:25:16 +00:00
```lua
minetest.register_privilege("my_super_important_priv", {
description = "something something",
2023-09-27 10:57:15 +00:00
fediauth_keep = true
2023-02-02 13:25:16 +00:00
})
```
2023-01-29 12:16:32 +00:00
# Links / References
2023-09-27 10:57:15 +00:00
* https://fedi.tips/
2023-01-29 12:16:32 +00:00
* https://en.wikipedia.org/wiki/Time-based_one-time_password
* https://en.wikipedia.org/wiki/HMAC-based_one-time_password
* https://en.wikipedia.org/wiki/HMAC
* https://github.com/google/google-authenticator/wiki/Key-Uri-Format
# Chatcommands
2023-09-27 10:57:15 +00:00
* `/fediauth_on` Starts the FediAuth
* `/fediauth_off` Disables the FediAuth login
2023-01-29 12:16:32 +00:00
# Privileges
2023-09-27 10:57:15 +00:00
* `fediauth_enabled` Players with this privilege have to verify the Fediverse code upon login (automatically granted on successful `/fediauth_enable`)
* `fediauth_bypass` Players with this privilege can bypass verification for any reason, and the privilege can only granted manually by administrator
2023-01-28 11:04:14 +00:00
# License
2023-09-27 10:57:15 +00:00
* Code: `CC0-1.0`
2023-01-29 12:16:32 +00:00
* Textures: `CC-BY-SA 3.0`
2023-01-28 16:49:12 +00:00
* "basexx.lua" `MIT` https://github.com/aiq/basexx/blob/master/lib/basexx.lua