Labs/Weave/User/1.0/Setup: Difference between revisions
| Line 18: | Line 18: | ||
<pre> | <pre> | ||
Alias /user/1.0 <full path to weave directory>/weaveserver-registration/1.0/index.php | Alias /user/1.0 <full path to weave directory>/weaveserver-registration/1.0/index.php | ||
Alias /user/1 | Alias /user/1 <full path to weave directory>/weaveserver-registration/1.0/index.php | ||
</pre> | </pre> | ||
(the second one is just for backwards compatibility) | (the second one is just for backwards compatibility) | ||
Revision as of 01:42, 3 March 2010
It is strongly recommended that you use the [Weave Minimal Server] rather than a full install.
Pre-Setup Considerations
It is strongly recommended that the Weave Registration Server be set up under https, or behind a firewall with an https proxy in front of it. It uses standard http auth (implemented in the code), which will send the password in the clear unless done over https.
The Weave Registration Server requires PHP with PDO, UTF8 and JSON support installed. This should be the case if you are running PHP 5.1+. PDO will need drivers for whatever storage and authentications engines are used.
WebDav must not be enabled for this server - it intercepts some of the http packets and syncing will fail.
Setting up the Server
1) You can get the latest server from http://hg.mozilla.org/labs/weaveserver-registration
2) Edit your apache conf files to add the following:
Alias /user/1.0 <full path to weave directory>/weaveserver-registration/1.0/index.php Alias /user/1 <full path to weave directory>/weaveserver-registration/1.0/index.php
(the second one is just for backwards compatibility)
3) Copy weaveserver-registration/1.0/weave_user_constants.php.dist to weave_user_constants.php and edit it as described below.
Setting up Weave Authentication
In weave_user_constants.php
define('WEAVE_AUTH_ENGINE', '[mysql|mozilla]');
so for example
define('WEAVE_AUTH_ENGINE', 'mysql');
Mysql
Create the mysql database. Add the following tables:
CREATE TABLE `users` ( id int(11) NOT NULL PRIMARY KEY auto_increment, username varbinary(32) NOT NULL, md5 varbinary(64) default NULL, email varbinary(64) default NULL, location text, status tinyint(4) default '1', alert text, reset varchar(32) ) ENGINE=InnoDB;
Constants:
define('WEAVE_MYSQL_AUTH_HOST', '<db host>');
define('WEAVE_MYSQL_AUTH_DB', '<db name>');
define('WEAVE_MYSQL_AUTH_USER', '<db username>');
define('WEAVE_MYSQL_AUTH_PASS', '<db password>');
(Note that you don't need to define the second set of constants if you are using the same db for reads and writes)
If you want to use the more secure SHA256 algorithm for hashing passwords, set
define('WEAVE_SHA_SALT', '<salt>');
if you have older users (pre SHA-availability), or want to fall back to md5:
define('WEAVE_MD5_FALLBACK', false);
You can create users directly in mysql with the following command:
insert into users (username, md5, status) values ('username', md5('password'), 1);
However, this requires you to either not use a salted SHA, or to have the ability to fallback to md5.
Captcha
If you wish to use a captcha for your account creation, you will need to get yourself a public key and private key from http://recaptcha.net/. Put those keys in the weave_user_constants.php file and change WEAVE_REGISTER_USE_CAPTCHA to 1. Also copy /server/misc/1/weave_misc_constants.php.dist to weave_misc_constants.php and add your keys there as well.
To serve up the captchas, use the
Alias /misc/1.0/captcha_html <full path to weave user directory>/weave-registration/1.0/captcha.php
Admin Access
If you want to be able to programmatically create and delete accounts, you will need to enable the secret for the machine and change it from null
if (!defined('WEAVE_REGISTER_ADMIN_SECRET')) { define('WEAVE_REGISTER_ADMIN_SECRET', null); }
this will enable you to pass a secret as an 'X-Weave-Secret' header that overrides captcha and auth requirements.
Editing the Client
In about:config, set extensions.weave.ServerUrl to https://servername/user