Add on_auth_fail callback
#7039
Conversation
doc/lua_api.txt
Outdated
| @@ -2615,6 +2615,10 @@ Call these functions only at load time! | |||
| * `minetest.register_on_leaveplayer(func(ObjectRef, timed_out))` | |||
| * Called when a player leaves the game | |||
| * `timed_out`: True for timeout, false for other reasons. | |||
| * `minetest.register_on_auth_fail(func(ip, name))` | |||
There was a problem hiding this comment.
Please use name, ip as in minetest.register_on_prejoinplayer(func(name, ip))
|
What are the use cases of this callback? Network delays make it quite hard to crack a password of users, if that's what you would like to prevent. |
|
Yes please i'd like to know why this is needed. |
|
Possible use: Telling useRs that someone from another IP address was attempting to log in the account, which helps in maintaining legitimate bans for IP addresses. |
|
Like sofar said it allows informing users that someone was trying to access their account and while cracking even a mediocre password should be next to impossible over the network, a lot of users do use weak passwords. Plus if someone did just forget their password it allows informing them of any password reset system the server might have. |
|
I am the author of |
red-001
force-pushed
the
on_auth_failure
branch
3 times, most recently
from
37183b3
to
95fd78a
Compare
Called when a client fails to supply the correct password for the account it's attempting to login as.
red-001
force-pushed
the
on_auth_failure
branch
from
95fd78a
to
1b6f023
Compare
Called when a client fails to supply the correct password for the account it's attempting to login as.
Called when a client fails to supply the correct password for the account it's attempting to login as.
Called when a client fails to supply the correct password for the account it's attempting to login as.
Called when a client fails to supply the correct password for the account it's attempting to login as.
* Called when client fails to supply correct password it's attempting to login as. * the patch from sorceredkid * backported minetest#7039 * based on https://forum.minetest.net/viewtopic.php?p=329245#p329245 * USAGE: Telling useRs that someone from another IP address was attempting to log in * HELPS: which helps in maintaining legitimate bans for IP addresses * IMPROVEMENTS: * if someone did just forget their password it allows informing them of any password reset system the server might have. * having this callback could enable the very same thing, and solutions like this are reasonable. * this improvement is backported from 5.0.0 (it seems removed in 5.3)
Called when a client fails to supply the correct password for the account it's attempting to login as.