Forum

Page 5 of 7 FirstFirst ... 34567 LastLast
Results 61 to 75 of 96
  1. #61
    Join Date
    January 2010
    Location
    Under your carpet
    Posts
    3
    Our users are far too stupid, and MULTI LINGUAL, to use the token system. We can use the token system programatically, but we need to know which member is which relating to our site without intervention upon log-in. We also don't limit users to our single server, we want to allow our users to use multiple servers.

  2. #62
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    Quote Originally Posted by Ben'Jammin View Post
    Our users are far too stupid, and MULTI LINGUAL, to use the token system.
    But they should be able to click on a link, right? Therefore they can click on the link including the token.

    Quote Originally Posted by Ben'Jammin View Post
    We can use the token system programatically, but we need to know which member is which relating to our site without intervention upon log-in.
    In the proposed solution the token is assigned a username, therefore you know who used the token.

    Quote Originally Posted by Ben'Jammin View Post
    We also don't limit users to our single server, we want to allow our users to use multiple servers.
    Why should this be a problem? If you know the mapping "TS3 unique ID -> your id" on one server you could even copy it automatically to the other servers.

  3. #63
    Join Date
    December 2009
    Location
    London
    Posts
    32
    For the sake of my lazyness can you give me an example of a URL which includes a token?

    ( I still think this is a dirty solution, to what could be made very simple)

    For example, if you could provide us the variable used for the server password we could bastardise it to work as a user password in the auth SQL. But having looked through the queries i dont see anywhere where server password is mentioned so it must be done via internal SQL within the server?

  4. #64
    Join Date
    July 2002
    Location
    Germany
    Posts
    2,192
    Quote Originally Posted by LuckyWS View Post
    For the sake of my lazyness can you give me an example of a URL which includes a token?
    It does not exist yet, since tokens that can be used *on-connect* are not present yet. They were part of the suggested solution to your problems.

    I think some of the posts here are still a little confused as to how the proposed solution will work, so I have created a use case for you as an example to read:

    the way it worked with ts2
    When a user logged in on your website, you could automatically create a login for this user on your teamspeak 2 server, and provide it with the required permissions. You then had a section for the user to click something like "how to connect to our teamspeak" where he would see (with screenshots etc.) how to download the ts2 client, how to open quick connect or add an entry in the server list, where to fill the IP, Port, Nickname, Loginname and Password.

    the way it could work with ts3 and the proposed changes
    When a user logges onto your website, you have this section that tells the user how to log onto your teamspeak 3 server, you have pictures on how to download and install the client, and then a direct link "click here to connect to our teamspeak 3 server". After connected the user clicks bookmarks->"bookmark this server" to permanently add a bookmark in the ts3 client in case he wants to return using just the client.

    analysis
    From looking at it, the second solution seems easier. I think you *could* have done the TS2 part with a link also, but the user would have to manually add the data if you wanted him to have a "permanent" way to connect to the server via the client, so that would not buy you much.

    Now, how does the ts3 solution work, under the hood? The user doesn't care, but the guy that creates the link to click has to know. The website creates a token when the user logs in (e.g. using the serverquery interface), this token is made to promote the user to have his designated permission group. The token is also made in a way so it will set the website-login name (or any other identifier string) as the user description automatically, so you can later find which ts3 account belongs to which user on your website and vice versa. This token is passed in the connect link, so the link might look something like ts3server://serverIP:serverPort/nickname=MasterNoob?connectToken=43525dfsf32423fsd 23fsd53wfsd53Rsf324fsd

    Since this token can also put you in a group that has the permission b_virtualserver_join_ignore_password set, you can put a totally random password on your server and thus do NOT have to allow any joe random to join. Only clients can join that know your random server password (that, if you make it long and tell nobody is not going to happen) or users that are in a server group that may ignore the password (which users using a connect token are, and users returning that used a connect token sometime in the past). So you can, if you like, easily make a secure TS3 server that is only open to your (registered) website users.

    Since the token is crafted in a way so it sets the client description to the users login name (the login name on your website, teamspeak knows no such thing as "Login names"), you can e.g. when you wnat to delete the user from your website find and remove the entry on the teamspeak 3 server.

    So, to sum it up:
    • You users will have an easier time (more userfriendly) than with TS2
    • You are using a more secure system, e.g. users will not choose week passwords (since there are no passwords involved) that might be guessed by attackers
    • The work involved for the website programmer doesn't seem to be more complicated to me



    Quote Originally Posted by LuckyWS View Post
    I still think this is a dirty solution, to what could be made very simple
    You are free to disagree with me, but I see the solution as a cleaner, more elegant, more secure and more user friendly solution. It is different than with TS 2 yes, but that is no reason to hate it. I think you might just need to get used to some of the concepts to be able to appreciate it, instead of thinking "ew token, I don't know what that is, it sounds complicated, I don't like it, gimme my username/pw back because I understood how that works". No offence mate
    Last edited by Peter; January 9th, 2010 at 10:48 AM.
    You think my answer is stupid ? Read This:
    http://www.catb.org/~esr/faqs/smart-...ons.html#intro

    In a world without fences and walls - who needs windows and gates ?

  5. #65
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    Thank you very much for your detailed description. Now it should be clear for everyone

    Quote Originally Posted by Peter View Post
    Since the token is crafted in a way so it sets the client description to the users login name (the login name on your website, teamspeak knows no such thing as "Login names"), you can e.g. when you wnat to delete the user from your website find and remove the entry on the teamspeak 3 server.
    That's the only point I would like to see different. I would prefer an additional username field that can be shown in the client. This way I still can use the description for other things and don't lose the description functionality just because I am using this way of authenticating my users.

  6. #66
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    Quote Originally Posted by PeterW View Post
    That's the only point I would like to see different. I would prefer an additional username field that can be shown in the client. This way I still can use the description for other things and don't lose the description functionality just because I am using this way of authenticating my users.
    thats why i wrote " for example " in my ideas... ofcourse it will be something different.

  7. #67
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    Thanks for clarification

  8. #68
    Join Date
    December 2002
    Location
    The Netherlands
    Posts
    14
    Ok cleared up a bit. will there be info on how to work the new query system (as we have been adding names manually all the time)

  9. #69
    Join Date
    March 2009
    Location
    USA
    Posts
    20
    Quote Originally Posted by R. Ludwig View Post
    thats why i wrote " for example " in my ideas... ofcourse it will be something different.
    I think a (realatively simple) way to deal with that is to allow custom fields for data to be put in. A sample change to database would be to add 2 tables.
    custom_fields would have: field_id, server_id, name, discription, order, needed_view_power, needed_edit_power

    client_field_data would have: client_id, field_id, data

    client_field_data.client_id = clients.client_id
    client_field_data.field_id = custom_fields.field_id
    client_field_data.server_id = servers.server_id

    you could have it set to only show fields for the server that the user has set, and the person looking has the power to view, and control ordering. This (relatively) small change opens up a world of posibilities, since you could have data only some people can see or change, and some anyone can change. And since this is all in the database, its easily cross-referenced for user deletion if you want by doing a lookup for the client_ids that have field_id x having data = y, and then doing the query to revoke/add permissions or delete that user with the given client ids.

    Pear that with the token used on first connect that could have a list of things it does on first use (such as setting those fields and initial groups).

    I think this along with decent webpage coding could fully replace the need for username/password (such as giving clients on your webpage a way to add more identities when needed, but only up to a limit).

  10. #70
    Join Date
    February 2009
    Location
    The Netherlands
    Posts
    17
    Removed by Moderator
    Last edited by Peter; January 12th, 2010 at 11:18 AM. Reason: You are off-topic here, this is not about the auth system in general, just integration with pre-existing user bases

  11. #71
    Join Date
    July 2002
    Location
    Germany
    Posts
    2,192
    Ok guys,

    before this thread gets derailed again, I will close this down. We will make the suggested changes that should solve the problems outlined with regards to integrating a preexisting user base into teamspeak 3. These changes will be out with the next release, have a look at them then, play around with them and if there is still a fundamental problem you can create a new thread where we can discuss it. Thanks for your feedback, I am sure we are on a good way with these changes!

    Peter
    You think my answer is stupid ? Read This:
    http://www.catb.org/~esr/faqs/smart-...ons.html#intro

    In a world without fences and walls - who needs windows and gates ?

  12. #72
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    does the changes work for you?

  13. #73
    Join Date
    December 2009
    Location
    London
    Posts
    32
    Quote Originally Posted by R. Ludwig View Post
    does the changes work for you?
    I have yet to figure out how the changes help - but I did make a post which was unanswered in the Linux server chat regarding the URL variables it takes, and if we can send tokens now, that would work for me.

    However - The new updates, such as making mysql work properly are great, and I thank you for your valued and continued dedication to the improvement of this wonderful software.

  14. #74
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    Quote Originally Posted by R. Ludwig View Post
    does the changes work for you?
    I am currently testing the improvements and so far I found the following:
    http://forum.teamspeak.com/showthread.php?t=50132

  15. #75
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    normal link:
    <a href="ts3server://voice.teamspeak.com?token=NulDTazANJRDQd/ArP8yb+m0Hea2AbqB3scKSvz/">Public server with token</a>

    bookmarak link:
    <a href="ts3server://voice.teamspeak.com?nickname=Seppel&addbookmark=Te stLabel&token=NulDTazANJRDQd/ArP8yb+m0Hea2AbqB3scKSvz/">Public server with token, add bookmark only</a>

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [Need help] Simple user support system.
    By Karol1814 in forum Server Support
    Replies: 3
    Last Post: September 18th, 2014, 09:48 PM
  2. last user login data & preexisting user table
    By Valsimot in forum Server Support
    Replies: 1
    Last Post: January 30th, 2012, 10:44 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •