Remote Authentication System (RAS) v1.0 is a simple, easy to implement protocol allowing you to perform username/password authentication from your own web site. This is performed by hosting a script on your own website (using PHP, ASP, Perl, JSP, etc..) that accepts two parameters; a username, and a password; and prints a single digit value as a result to indicate the privilege level of the user requesting access to the chat room.
SCRIPT INPUT PARAMETERS
The following parameters are passed to your script http-encoded as CGI get variables.
- username : Requesting username
- password : Requesting user's password
- ip : Requesting user's ip address
For example. If the user "JavaMan" logged in using the password "FoxTROT" with IP address 192.168.2.1, and your RAS script is http://www.mywebsite/verify.pl, your script would be invoked as:
http://www.mywebsite.com/verify.pl?username=JavaMan&password=FoxTROT&ip=192.168.2.1
SCRIPT OUTPUT Your script should return (print to screen) a single 0 (zero), 1 (one), or 2 (two), or 3 (three) dependant upon whether or not you wish to allow this user access to your chat room. We recommend using the text/plain content-type header in your script:
- A value of Zero (0) indicates the user will be denied access
- A value of One (1) indicates that access is granted
- A value of Two (2) indicates that access is granted, and that the user has administrative privileges.
- A value of Three (3) indicates that access is granted, the user has administrative privileges and the user has grant privileges (the ability to grant other users administrative privileges).
- A value of Four (4) indicates that access is granted with all of the permissions of level Three (3) and additionally has full access to the Remote Administrators Console which provides access to monitor your chat room without being logged in.
EXAMPLE CODE (PERL)
The following is an example script written in perl that will only allow a user named JAVAMAN access. This script requires the CGI perl module available from cpan.org.
#!/usr/bin/perl
use CGI qw(:param);
$ip = param("ip");
$username = param("username");
$password = param("password");
print "Content-type: text/plain\n\n";
if($username eq "JAVAMAN")
{
print "1";
}
else
{
print "0";
}
EXAMPLE CODE (PHP)
The following is an example script written in PHP that will only permit a user with the name 'admin' using password '12345' super administrator access, and all other users regular access with the exception of the user named 'invalid' who is not permitted access.
<?php
$user_name = $_REQUEST['username'];
$user_ip = $_REQUEST['ip'];
$user_password = $_REQUEST['password'];
header("Content-type: text/plain");
/* User's with the name 'invalid' are not allowed into the chat room */
if($username == 'invalid')
{
print "0";
exit(0);
}
/*
Username admin is allowed in with super-admin
access if the password is 12345
*/
if( ($username == 'admin') && ($password == '12345') )
{
print "3";
exit(0);
}
/* All other users are given standard user access */
print "1";
exit(0);
?>
