Archive:Account Portal: Difference between revisions
m Added link to the section on cloning Volume 2 repositories |
m Pazaz moved page Account Portal to Archive:Account Portal |
||
(2 intermediate revisions by one other user not shown) | |||
Line 41: | Line 41: | ||
#Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly. | #Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly. | ||
#: [[File:Xampp1.jpg|thumb|none]] | #: [[File:Xampp1.jpg|thumb|none]] | ||
== Port forwarding == | |||
If your server is behind a router, you will need to set up some more port forwarding rules on your router, so that traffic arriving meant for your web server is allowed through the router and sent to your server. This is done by connecting to the Admin page for your router in a web browser (usually 192.168.1.1, may differ slightly depending on the brand of router), and setting up port forwarding rules (often under the WAN section). | |||
Set up 2 port forwarding rules, with the external ports as below and the Local IP Address as that of your web server (192.x.x.x, replace the x's with your address). | |||
* External Port 80, Protocol: TCP (this is for http traffic) | |||
* External Port 443, Protocol: TCP (this is for https traffic) | |||
== Set up HTTPS == | == Set up HTTPS == | ||
It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only. But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled. | It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only. But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled. | ||
This requires having a domain set up for yourself. Either by using a [[Volume_2_Modifying_Server_For_External_Access#(Optional)_Dynamic_DNS_setup|Dynamic DNS]] for free, or by purchasing a domain name from somewhere for a small annual fee. | |||
These instructions use the site https://zerossl.com/free-ssl. There are other sites out there that provide similar services, this is just an example of a fairly user-friendly site. | |||
#Create some new folders: C:\xampp\certificates and C:\xampp\htdocs\.well-known\acme-challenge. | |||
#Ensure that your Apache server is started, through your xampp Control Panel | |||
#Visit https://zerossl.com/free-ssl/#howtocrt. Reading through the first section is recommended, it explains a few things about the process. Then click on {{ms|Start SSL Certificate Wizard.}} | |||
#Enter your email address so that you will be notified when your certificate is about to expire so that you can renew it. Enter your domain name. | |||
#Select HTTP verification, accept the TOS, accept the Subscriber agreement, click on Next. | |||
#: [[File:Zerossl1.jpg|thumb|none]] | |||
#Click No when asked if you want to include the www-prefixed version too. | |||
#Click on Download to get a copy of the Certificate Signing Request(CSR) that gets generated. Save it to C:\xampp\certificates. Click on Next. | |||
#: [[File:Zerossl2.jpg|thumb|none]] | |||
#Click on Download to get a copy of the Account Key that gets generated. Save it to C:\xampp\certificates. Click on Next. | |||
#: [[File:Zerossl3.jpg|thumb|none]] | |||
#Click on Download to get a copy of the verification file that gets generated. Save it to C:\xampp\htdocs\.well-known\acme-challenge. Click on Next. | |||
#: [[File:Zerossl4.jpg|thumb|none]] | |||
#Read the page that tells you your certificate is ready. Write down your account ID somewhere. | |||
#Click on the two download links to get a copy of the domain certificate file and the domain key file that get generated. Save them to C:\xampp\certificates as domain-crt.txt and domain-key.txt. | |||
#Edit the file C:\xampp\apache\conf\extra\httpd-vhosts.conf. Change the text of the file below the commented out section to read the following, replacing all the instances of yourhost.domain.org with your own domain name. | |||
<nowiki>Define CERTROOT "C:/xampp/certificates" | |||
Define SITEROOT "C:/xampp/htdocs" | |||
<VirtualHost *:80> | |||
ServerName yourhost.domain.org | |||
#Redirect http requests to https | |||
Redirect permanent "/" "https://yourhost.domain.org" | |||
ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log" | |||
CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common | |||
</VirtualHost> | |||
<VirtualHost *:443> | |||
ServerName yourhost.domain.org | |||
DocumentRoot "${SITEROOT}" | |||
ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log" | |||
CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common | |||
SSLEngine on | |||
SSLCertificateFile "${CERTROOT}/domain-crt.txt" | |||
SSLCertificateKeyFile "${CERTROOT}/domain-key.txt" | |||
</VirtualHost></nowiki> | |||
*Stop and restart your Apache server using the xampp Control Panel. If all went well, you should be able to access https://yourhost.domain.org, and it will take you to the main page of the web portal. Also, if you try to go to http://yourhost.domain.org, it should redirect you to the secure https://yourhost.domain.org. |
Latest revision as of 09:46, 4 August 2024
Account Portal is a PHP web application that you run on a web server so that players can connect to a web page and create their own accounts and change their passwords without the server owner having to do manual inserts into the database.
Install Web Server
XAMPP is an easy to install distribution of the Apache web server that also contains some other useful tools. The Apache web server is what will be hosting your Account Portal application for creating accounts and changing passwords for your City of Heroes server.
- Install XAMPP 7.3.4 or greater into
C:\xampp
. For the account portal, the only option required is Apache, though installing all the features is a good idea if there's a chance you might use the server for other things like hosting forums or setting up a FTP server for transferring files. - Install the Microsoft PHP drivers for SQL Server into
C:\xampp\php\ext
- Modify your
C:\xampp\php.ini
and add the following sqlsrv extensions to theDynamic Extensions
section. Use version 7.3, thread-safe:extension=php_sqlsrv_73_ts_x64
extension=php_pdo_sqlsrv_73_ts_x64
- Add
C:\xampp\php
to yourPath
windows system environment variable. (click Start, typeenvironment
, click on Edit the system environment variables, edit the Path system variable, add a new entry for C:\xampp\php)
Clone Repository
Obtain the Account Portal source code from the latest version of the master branch on GitHub. Example using the SourceTree app (see Install SourceTree) for Git:
- If you do not already have one, create a new account at GitHub (different account from the OuroDev Git account)
- Run SourceTree. If you already have other tabs open, click on the + at the top of the screen to create a new tab.
- Click on Clone at the top of the page.
- Enter the Source Path:
https://github.com/auroris/City-of-Heroes-Account-Portal
This will prompt you for credentials, use your GitHub account. - Enter the Destination Path:
C:\Git\CoX\City-of-Heroes-Account-Portal
- Leave the rest as the defaults, and click on Clone. This will copy the latest files from the master branch to your destination path on your hard drive.
- Copy all of the files from
C:\Git\CoX\City-of-Heroes-Account-Portal
toC:\xampp\htdocs
Configure Account Portal
- Open a windows command prompt and type the following to download some required library files:
cd C:\xampp\htdocs
php composer.phar install
- Copy
dbquery.exe
intoC:\Ouroboros\bin
. Either download the file from http://build.ourodev.com/ (not available yet, will be added there shortly) or build it yourself from the CoX/Source repository (see Clone Volume 2 repositories): in Visual Studio, open C:\Git\CoX\Source\MasterSolution\MasterSolution.sln, right-click on dbquery in the list and select build. The dbquery.exe file should show up in the C:\Git\CoX\Source\Mapserver folder, then you can copy it from there into C:\Ouroboros\bin. - Go into C:\xampp\htdocs\config. Rename config.env.example to config.env and edit the file:
- Change the
db_password
to your database server's credentials. - Change the
dbquery
entry to:dbquery="C:\\Ouroboros\\bin\\dbquery.exe"
. - Change the
portal_name
to the name of your server, this will show on the web page when people visit your account portal web page. - Change your portal_key and portal_iv. Just put some random typing as the values here.
- Change the
- Add a unique index to column uid on cohauth.dbo.user_account to reduce the possibility of account uid collisions when multiple people are creating accounts at the same time. Open SQL Server Management Studio, expand "Databases", then right click on cohauth and select "New Query" from the menu. Paste this into the new query, then click on Execute:
CREATE UNIQUE INDEX AccountUID ON cohauth.dbo.user_account (uid);
- Double-click on C:\xampp\xampp_control.exe. This will show you a user interface for starting, stopping, and configuring the Apache web server as well as the other applications that came with XAMPP.
- Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
Port forwarding
If your server is behind a router, you will need to set up some more port forwarding rules on your router, so that traffic arriving meant for your web server is allowed through the router and sent to your server. This is done by connecting to the Admin page for your router in a web browser (usually 192.168.1.1, may differ slightly depending on the brand of router), and setting up port forwarding rules (often under the WAN section).
Set up 2 port forwarding rules, with the external ports as below and the Local IP Address as that of your web server (192.x.x.x, replace the x's with your address).
- External Port 80, Protocol: TCP (this is for http traffic)
- External Port 443, Protocol: TCP (this is for https traffic)
Set up HTTPS
It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only. But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.
This requires having a domain set up for yourself. Either by using a Dynamic DNS for free, or by purchasing a domain name from somewhere for a small annual fee.
These instructions use the site https://zerossl.com/free-ssl. There are other sites out there that provide similar services, this is just an example of a fairly user-friendly site.
- Create some new folders: C:\xampp\certificates and C:\xampp\htdocs\.well-known\acme-challenge.
- Ensure that your Apache server is started, through your xampp Control Panel
- Visit https://zerossl.com/free-ssl/#howtocrt. Reading through the first section is recommended, it explains a few things about the process. Then click on
Start SSL Certificate Wizard.
- Enter your email address so that you will be notified when your certificate is about to expire so that you can renew it. Enter your domain name.
- Select HTTP verification, accept the TOS, accept the Subscriber agreement, click on Next.
- Click No when asked if you want to include the www-prefixed version too.
- Click on Download to get a copy of the Certificate Signing Request(CSR) that gets generated. Save it to C:\xampp\certificates. Click on Next.
- Click on Download to get a copy of the Account Key that gets generated. Save it to C:\xampp\certificates. Click on Next.
- Click on Download to get a copy of the verification file that gets generated. Save it to C:\xampp\htdocs\.well-known\acme-challenge. Click on Next.
- Read the page that tells you your certificate is ready. Write down your account ID somewhere.
- Click on the two download links to get a copy of the domain certificate file and the domain key file that get generated. Save them to C:\xampp\certificates as domain-crt.txt and domain-key.txt.
- Edit the file C:\xampp\apache\conf\extra\httpd-vhosts.conf. Change the text of the file below the commented out section to read the following, replacing all the instances of yourhost.domain.org with your own domain name.
Define CERTROOT "C:/xampp/certificates" Define SITEROOT "C:/xampp/htdocs" <VirtualHost *:80> ServerName yourhost.domain.org #Redirect http requests to https Redirect permanent "/" "https://yourhost.domain.org" ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log" CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common </VirtualHost> <VirtualHost *:443> ServerName yourhost.domain.org DocumentRoot "${SITEROOT}" ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log" CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common SSLEngine on SSLCertificateFile "${CERTROOT}/domain-crt.txt" SSLCertificateKeyFile "${CERTROOT}/domain-key.txt" </VirtualHost>
- Stop and restart your Apache server using the xampp Control Panel. If all went well, you should be able to access https://yourhost.domain.org, and it will take you to the main page of the web portal. Also, if you try to go to http://yourhost.domain.org, it should redirect you to the secure https://yourhost.domain.org.