I want to use a custom external script for auth. But there's some admin users. And I don't want to keep track "on my side" of who is registered or not.
So I prefer the "isuser" call to be handled internal like default. But I don't know how. Anyone?
Looking for ejabberd docs?
To access the most up-to-date ejabberd documentation, please visit docs.ejabberd.im »
How to "auth" with external script but use "isuser" from internal?
Submitted by JohnNL on Wed, 2017-03-01 13:44
![Syndicate content](../../../misc/feed.png "Comments for \"How to "auth" with external script but use "isuser" from internal?\""){kind=small}
You would have to modify the
You would have to modify the source code. For example, enable external, but in it overwrite the relevant functions definitions, that you copy from the internal source code.
My external auth script is in
My external auth script is in PHP. I don't speak any erlang.
I not sure about the idea behind this. Why is it so difficult to leave everything up to ejabberd, except the actual authorisation?
My external auth script is in
My external auth script is in PHP. I don't speak any erlang.
I not sure about the idea behind this. Why is it so difficult to leave everything up to ejabberd, except the actual authorisation?
So the idea is to do all user
So the idea is to do all user related stuff yourself if using `auth_method: external`?
Why can I still set and get vcard info? Those users are not registered users in ejabberd anymore?
And can I still get current status or other stuff from ejabberd?
> So the idea is to do all
> So the idea is to do all user related stuff yourself if using `auth_method: external`?
Not ALL user related stuff, only AUTH related. So, checking if the user exists, and if the password is valid, will be decided by your external script. Everything else is still stored and managed by ejabberd: vcards, rosters, subscriptions, user presence...
But also the registering of
But also the registering of users will be taken over by the custom script. If I try to register via web dashboard or ejabberdctl, the user will not be in the list of registered users on web dashboard or in the registered_users response. I see an incoming 'tryregister' in my script, but no matter if I respond 0 or 1 the user will not be created in ejabberd.
So I'll have to keep track of users on my side, but the vcard info is still in ejabberd? That sounds weird and error prone to me.
JohnNL wrote: But also the
But also the registering of users will be taken over by the custom script.
Of course! If you configure ejabberd to use your script to verify user passwords when authenticating, then it uses your script to set new passwords.
If I try to register via web dashboard or ejabberdctl, the user will not be in the list of registered users on web dashboard or in the registered_users response.
See the option extauth_cache, it may help you regarding administration tools like WebAdmin and commands.
https://docs.ejabberd.im/admin/configuration/
I see an incoming 'tryregister' in my script, but no matter if I respond 0 or 1 the user will not be created in ejabberd.
What is a "user" to you? To me, a user is a username+password that is verified when a client wants to login, and also the associated data (roster, vcard, offline messages...). In this sense, "creating" a user means registering its credentials (username+password). Later when the user first logins, he can set its basic data (roster contacts, vcard information...).
So I'll have to keep track of users on my side, but the vcard info is still in ejabberd? That sounds weird and error prone to me.
Right, your auth script takes care of authentication (as it name indicates). The other user associated information (roster, offline messages, private storage, privacy lists...) is managed by ejabberd.
Thanks for your reply. I
Thanks for your reply.
I ended up doing it differently, by creating and endpoint in our custom REST API (behind oauth2) that generates and returns a password and sets that for the ejabberd user.