ClueNet talk:ClueAPI

From ClueWiki

Jump to: navigation, search

[22:31:29] <Crispy>1. There's an API command to send an email verification code, which consists of a hash of a secret key concatenated with the email address.

[22:32:08] <Crispy>2. There's an API command for a user with a privilege similar to the current createacct privilege to generate a "vouch code" for a user, which consists of a hash of a secret key concatenated with the vouched-for user's nick.

[22:32:43] <Crispy>3. There's an API command for the applying user to use with the following parameters: <Username> <Email> <Nick> <EmailVCode> <NickServPW> <VouchCode>

[22:34:11] <Crispy>4. The username is checked to make sure it's valid, the email is checked against the email verification code given, the nick is checked against the nickserv password and the vouch code, and if everything matches up, the account is created.

[22:34:24] <davenull>:)

[22:34:29] <davenull>Very nice.

[22:35:18] <Crispy>THere will be a nice web interface on the frontend to use this API on the backend.

[22:35:32] <Cobi>Or we could make them learn to use remctl ... :P

[22:35:37] <davenull>Lol.

[22:35:41] <Crispy>Cobi: You need a kerberos principal to use remctl.

[22:35:45] <Crispy>They don't have one yet.

[22:36:08] <Cobi>There are no anonymous commands?

[22:36:17] <Crispy>No.

[22:36:24] <Crispy>Everything has to authenticate as some principal.

[22:37:32] <Crispy>My one concern is that, theoretically, a person could use the same set of credentials to create as many accounts as they'd like. For this reason, there can only be one account per email, and one account per nick.

[22:37:46] <Crispy>Unless the 'override' option is given, which can only be used by /admin principals.

[22:39:16] <Crispy>Does this sound good?

[22:39:22] <Cobi>Yes.

[22:39:27] <davenull>Crispy: Just when I think I am getting close to having the remctl docs done...

[22:39:38] <Crispy>davenull: This command isn't even started yet.

[22:39:44] <Crispy>But most of the API framework for it is done.

commands list

Cluenet remctl commands as of 03/19/09 5:00 EST


Accessible to admins of requested server:

hostadm.api.cluenet.org hostadm getkeytab <PRINCIPAL>

hostadm.api.cluenet.org hostadm addauthorizedhostservice <Username> <Host> <Service>

hostadm.api.cluenet.org hostadm delauthorizedhostservice <Username> <Host> <Service>

Accessible to any server admin:

hostadm.api.cluenet.org hostadm unameblacklistadd <UsernameToBlacklist>

dns.api.cluenet.org dns refresh

Accessible to any principal:

hostadm.api.cluenet.org hostadm unameblacklistshow [plain|regex]

useradm.api.cluenet.org useradm checkunameavailability <Username>

useradm.api.cluenet.org useradm sendemailverify <EmailAddress>

useradm.api.cluenet.org useradm newacct <Username> <Email> <Nick> <EmailVCode> <NickServPW> <VouchCode>

useradm.api.cluenet.org useradm checkvouchcode <Nick> <VouchCode>

useradm.api.cluenet.org useradm checkemailverification <Email> <VerificationCode>

irc.api.cluenet.org irc checknickservpass <Nick> <NickServPassword>

irc.api.cluenet.org irc cluebot dump [Nick1,Nick2,...]

irc.api.cluenet.org irc cluebot points [Nick1,Nick2,...]

irc.api.cluenet.org irc cluebot dumpheader

Accessible to any user:

useradm.api.cluenet.org useradm changenick <NewNick> <NickServPassword>

useradm.api.cluenet.org useradm changeemail <NewEmail> <EmailVerificationCode>

Accessible to users with clueAuthorizedAbility of initialvouch:

useradm.api.cluenet.org useradm initialvouch <NickToVouchFor>

Accessible to DNS slave host principals:

dns.api.cluenet.org dns getslaveconfig

Retrieved from "http://a.core.cluenet.org/wiki/ClueNet_talk:ClueAPI"
Personal tools