| ... | @@ -5,7 +5,7 @@ This guide is here to provide an alternative to steps 3 and 4 of the [TSWVote au |
... | @@ -5,7 +5,7 @@ This guide is here to provide an alternative to steps 3 and 4 of the [TSWVote au |
|
|
1) First, you will need to start your server and create a group that will have all the permissions you plan to give to your REST API application token. You can do so with the `/group add` command. Like so: `/group add tserverweb tshock.rest.useapi,tshock.rest.users.info,tshock.rest.command,vote.ping,AdminRest.allow`. The permissions required for the basic operation of our two plugins are included in the above command, where `tserverweb` is the new group's name and the rest are permissions separated by commas. It is at this stage that you may give TServerWeb extra permissions, but you can always add more permissions using `/group addperm` as well. Refer to [TShock's guide on permissions](https://tshock.readme.io/docs/permissions) to learn more.
|
|
1) First, you will need to start your server and create a group that will have all the permissions you plan to give to your REST API application token. You can do so with the `/group add` command. Like so: `/group add tserverweb tshock.rest.useapi,tshock.rest.users.info,tshock.rest.command,vote.ping,AdminRest.allow`. The permissions required for the basic operation of our two plugins are included in the above command, where `tserverweb` is the new group's name and the rest are permissions separated by commas. It is at this stage that you may give TServerWeb extra permissions, but you can always add more permissions using `/group addperm` as well. Refer to [TShock's guide on permissions](https://tshock.readme.io/docs/permissions) to learn more.
|
|
|
|
|
|
|
|
|
|
|
|
|
2) The second step is to create a user and make it a member of the new group. This user's credentials will not be used or exposed to any outside application. You may give this user a randomized username and must give this user a secure randomized password to avoid any abuse or other security concerns. The password's recommended length would be 16 characters. A convenient source of randomness would be [random.org's password tool](https://www.random.org/passwords/). If you're in a Linux terminal environment, you may also try this command `< /dev/urandom tr -dc A-Za-z0-9 | head -c16;echo;` instead. You must keep the username, and you can shred or discard the password. Because the password won't be used for anything, you need not bother to make it mnemonic, easy to remember, or otherwise human-readable.
|
|
2) The second step is to create a user and make it a member of the new group. This user's credentials will not be used or exposed to any outside application. You may give this user a randomized username and must give this user a secure randomized password to avoid any abuse or other security concerns. The password's recommended length would be 16 characters. A convenient source of randomness would be [random.org's password tool](https://www.random.org/passwords/). If you're in a Linux terminal environment, you may also try this command `< /dev/urandom tr -dc A-Za-z0-9 | head -c16;echo;` instead. You must keep the username, and you can shred or discard the password after you've used it in the command below. Because the password won't be used for anything, you need not bother to make it mnemonic, easy to remember, or otherwise human-readable.
|
|
|
To create this user, you run `/user add` like this: `/user add tserverwebXXXX PASSWORD GROUP`, where `XXXX` is a randomized postfix/appendix to the username, `PASSWORD` is your random password, and `GROUP` is the group that you've created in step 1 (which was `tserverweb` in our example). Beware that if you intend to use TSWVote's autosetup command later, it may destroy any users with username beginning with `tserverweb` and belonging to group `tserverweb`, as well as delete the group `tserverweb` if no users belonging to it are found. It will also destroy any API tokens that you create in step 3 if their (the token's, not the user's) group is `tserverweb`.
|
|
To create this user, you run `/user add` like this: `/user add tserverwebXXXX PASSWORD GROUP`, where `XXXX` is a randomized postfix/appendix to the username, `PASSWORD` is your random password, and `GROUP` is the group that you've created in step 1 (which was `tserverweb` in our example). Beware that if you intend to use TSWVote's autosetup command later, it may destroy any users with username beginning with `tserverweb` and belonging to group `tserverweb`, as well as delete the group `tserverweb` if no users belonging to it are found. It will also destroy any API tokens that you create in step 3 if their (the token's, not the user's) group is `tserverweb`.
|
|
|
|
|
|
|
|
|
|
|
| ... | | ... | |
