The Wiki for Tale 5 is in read-only mode and is available for archival and reference purposes only. Please visit the current Tale 11 Wiki in the meantime.

If you have any issues with this Wiki, please post in #wiki-editing on Discord or contact Brad in-game.

OpenID

From ATITD5
Revision as of 18:36, 6 August 2010 by FaceOnkh (talk | contribs) (Copy from T4 wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

A Tale in the Desert supports the OpenID standard for single signon between Web sites. OpenID lets you log into many different Web sites without using a different password for each. Our goal is to allow you a single account with a single password to game, wiki and forum, and any other services we add in future to this site.

Using OpenID in A Tale in the Desert

Before you can log in you must set your webpass in game:

  • Log into the game and type /webpass atitd.org password
    • (meaning you replace password with a password of your choice - but not your game or bank one!).
  • Wait till you see the notification in game that your account data has been uploaded.
  • Your OpenID URL is atitd.org/openid/tale5/YourName or, for people not on the original shard, atitd.org/openid/tale5/YourName_SHARDNAME
    • (where YourName is your game user name and SHARDNAME is the name of a shard, e.g. Bastet)
    • So, Sami in T5 original shard is plain atitd.org/openid/tale5/Sami while Sami on the Bastet shard is atitd.org/openid/tale5/Sami_Bastet

This OpenID URL can be used with any site that accepts OpenID - including the atitd.org wiki and forums, but potentially any other third party site.

To log in to the wiki

  • Go to the OpenID login page (click the "login with openid" link at the top right)
  • In the OpenID URL box, enter your game user name (e.g. "Sami") and add "_Bastet" if you're from the Bastet shard
    • this should look like one of:
      • Sami
      • Sami_Bastet
    • (optionally, you can enter the full OpenID URL, atitd.org/openid/tale5/YourName, but why bother?)
  • Click submit
    • This will take you to the atitd.org openid server, where you have to enter the password you set in the webpass command above
    • If you are already logged in via this server, it will remember you and you will skip this step
  • After entering a correct password, you should then be returned to the wiki and successfully logged in

To log in to the forums

  • Go to the login page (click the "Login" on the upper right side of the page)
  • In the OpenID box, enter your username as in game and select your shard
    • (you can also use atitd.org/openid/tale5/YourName_ShardName but the short form is easier)
  • Click submit
    • This will take you to the atitd.org openid server, where you have to enter the password you set in the webpass command above
    • If you are already logged in via this server, it will remember you and you will skip this step
  • After entering a correct password, you should then be returned to the forum and successfully logged in
    • On first login, it will prompt you to create a forum account to bind to this OpenID account - we'd recommend you use your game name

Once you're logged in to the forums, you may wish to set a local password (go to your user control panel->profile->account settings) so you can then use the forum login method (login page below the OpenID stuff) instead. This is only required for moderators/admins.

Difficulties logging in

If you have problems logging in, first ensure that you have set your webpass as above.

Second, ensure you aren't blocking cookies for atitd.org (use this cookie tester).

If neither of those solves the problem, post to this forum, come to #atitd-wiki in IRC or contact FaceAnkh ingame.


Third party sites

Third party sites can also use the atitd.org openid server to confirm the identity of users, meaning they won't need to reregister for each site. The process is fairly straightforward and example PHP code is available (implementations in many other languages too). You do not need to ask permission or arrange for access - the server is open.

If you have problems, contact FaceAnkh (IRC is best).

Brief instructions

See the example OpenID consumer at http://faceankh.atitd.org/consumer/ (download code from http://faceankh.atitd.org/openid_consumer.tar.gz).

I've taken the basic JainRain PHP OpenID consumer, added some notes, restricted it to accept only atitd.org OpenIDs (easy to revert if you wish) and added a snippet of code that auto prepends atitd.org/openid (if unspecified) so you can just use USERNAME for the login.

Notes on the basic code flow: index.php is the main HTML frontend. When you submit the form from there, info goes to try_auth.php, which checks various things (including the atitd.org restriction) and redirects the user to the openid server. The openid server will return the user to finish_auth.php with a yes/no.

You'll need to edit the $store_path variable in common.php to something unique (see notes there) - this specifies where temporary session files are kept.

You'll possibly want to throw away index.php or just recode it into your style.

You'll want to add your user session variable/cookie to the "yes" part of finish_auth.php and send the user on from there to your main pages.

I'd suggest you dump all the PAPE stuff (allows one to request the server uses particular means of authentication) - we don't support it :/

Troubleshooting

A common problem is if your trust root (openid.realm in the GET URL) doesn't match the return_to URL (openid.return_to), the JainRain server tends to go boom (white page @ atitd.org/account). It seems to be fussy about funny characters (particularly URL encoded ones) in the trust root. An example of this is if you come from a default mediawiki with openid extension, it sets the realm to "http://.../mywiki?title=" which makes the atitd.org server blow up. Force your realm/trust root to a lower subpart of the URL, e.g. "http://.../mywiki".

For other problems, contact FaceAnkh.