Labs/Weave/User/1.0/Setup: Difference between revisions
(→Mysql) |
(→Mysql: A commata was missing) |
||
| Line 47: | Line 47: | ||
location text, | location text, | ||
status tinyint(4) default '1', | status tinyint(4) default '1', | ||
alert text | alert text, | ||
reset varchar(32) | reset varchar(32) | ||
) ENGINE=InnoDB;</pre> | ) ENGINE=InnoDB;</pre> | ||
Revision as of 17:53, 4 February 2010
It is strongly recommended that you use the [Weave Minimal Server] rather than a full install.
Pre-Setup Considerations
It is strongly recommended that the Weave Registration Server be set up under https, or behind a firewall with an https proxy in front of it. It uses standard http auth (implemented in the code), which will send the password in the clear unless done over https.
The Weave Registration Server requires PHP with PDO, UTF8 and JSON support installed. This should be the case if you are running PHP 5.1+. PDO will need drivers for whatever storage and authentications engines are used.
WebDav must not be enabled for this server - it intercepts some of the http packets and syncing will fail.
Setting up the Server
1) You can get the latest server from http://hg.mozilla.org/labs/weaveserver-registration
2) Edit your apache conf files to add the following:
Alias /user/1.0 <full path to weave directory>/weaveserver-registration/1.0/index.php
3) Copy weaveserver-registration/1.0/weave_user_constants.php.dist to weave_user_constants.php and edit it as described below.
Setting up Weave Authentication
In weave_user_constants.php
define('WEAVE_AUTH_ENGINE', '[mysql|mozilla]');
so for example
define('WEAVE_AUTH_ENGINE', 'mysql');
Mysql
Create the mysql database. Add the following tables:
CREATE TABLE `users` ( id int(11) NOT NULL PRIMARY KEY auto_increment, username varbinary(32) NOT NULL, md5 varbinary(32) default NULL, email varbinary(64) default NULL, location text, status tinyint(4) default '1', alert text, reset varchar(32) ) ENGINE=InnoDB;
Constants:
define('WEAVE_MYSQL_AUTH_HOST', '<db host>');
define('WEAVE_MYSQL_AUTH_DB', '<db name>');
define('WEAVE_MYSQL_AUTH_USER', '<db username>');
define('WEAVE_MYSQL_AUTH_PASS', '<db password>');
(Note that you don't need to define the second set of constants if you are using the same db for reads and writes)
You can create users directly in mysql with the following command:
insert into users (username, md5, status) values ('username', md5('password'), 1);
Captcha
If you wish to use a captcha for your account creation, you will need to get yourself a public key and private key from http://recaptcha.net/. Put those keys in the weave_user_constants.php file and change WEAVE_REGISTER_USE_CAPTCHA to 1. Also copy /server/misc/1/weave_misc_constants.php.dist to weave_misc_constants.php and add your keys there as well.
To serve up the captchas, use the
Alias /misc/1.0/captcha_html <full path to weave user directory>/weave-registration/1.0/captcha.php
Admin Access
If you want to be able to programmatically create and delete accounts, you will need to enable the secret for the machine and change it from null
if (!defined('WEAVE_REGISTER_ADMIN_SECRET')) { define('WEAVE_REGISTER_ADMIN_SECRET', null); }
this will enable you to pass a secret as an 'X-Weave-Secret' header that overrides captcha and auth requirements.
Editing the Client
In about:config, set extensions.weave.ServerUrl to https://servername/user