Public Member Functions | Static Public Member Functions

aesop::UserManager Class Reference
[Users and User Management]

This class is threadsafe! In general, these methods are unsafe to call from the main server execution thread, because they can take a long time (disk read/writes and other operations). More...

#include <srv-users.h>

Inheritance diagram for aesop::UserManager:
Inheritance graph
[legend]

List of all members.

Public Member Functions

virtual ~UserManager (void) throw ()
virtual bool canCreateNewUsersTS (void) const =0 throw ()
virtual bool passwordRequiredTS (void) const =0 throw ()
virtual void getUsernamesTS (SetString &names)=0
virtual bool logInAsUserTS (const char *username, const char *password, std::string &playerGuid, std::string &diagnostic)=0
virtual bool createUserTS (const char *username, std::string &diagnostic)=0
virtual bool isAdminTS (const char *username)=0

Static Public Member Functions

static smart_ptr< UserManagercreate (const Datahash *params)

Detailed Description

This class is threadsafe! In general, these methods are unsafe to call from the main server execution thread, because they can take a long time (disk read/writes and other operations).

So it is recommended to only use this object from worker threads!

Particular APIs may be suitable for use by the main thread, and if so, they will note that.

All APIs end in TS to denote threadsafe.

All APIs are also idempotent.

At the moment, a User is not a rich type, but is really just a username with a few properties (password, isAdmin). If user data expands, User may be pulled out into a real class.

A note on terminology:

See also rules_players


Database
The User database is very simple: it is a directory on the server! The server admin can pick whatever directory they'd like. It should be read and write-able by the account that is running the aesop server. The user directory can be used for all games hosted on the server, or the admin can create different user directories for each game, it is up to them.

Every user has their own file in the directory, of the form "[username].user". So it is easy to see who all the users are just by performing a directory listing.

At the moment, usernames must be 3-15 characters in length, all lowercase. Only characters in the range 'a' - 'z' are allowed. Numbers or spaces are not legal, for example. User files not meeting this restriction will be ignored.

There is a special file in the directory named "user-db.config". This is the configuration file for the user database, and it contains important policy settings. Two in particular are:

If canCreateNewUsers is false, then there is no way for people to create new user accounts. As an admin, you can create new user accounts just by creating new [username].user files in the user directory. You can create empty files, and that is enough. If a user file does not contain a password, the player can set the user password on their first login.

If you need to reset a password, just edit the .user file for that username, and delete the password line. Passwords are one-way encrypted (using a cryptographic hash) so even a aesop admin cannot see players' passwords. The user will then have to provide a new password on next login. [This leads to obvious race conditions, which we can fix later if necessary]

If you would like to make someone an admin, add a "isAdmin true" line to their [username].user file. This will give them admin privileges on the server. Only admins can start/save/end games, for instance.

Definition at line 130 of file srv-users.h.


Constructor & Destructor Documentation

aesop::UserManager::~UserManager ( void   )  throw () [virtual]

Definition at line 50 of file srv-users.cpp.


The documentation for this class was generated from the following files: