Archive:Account Portal: Difference between revisions

From OuroDev
Red Nile (talk | contribs)
m Added link to the section on cloning Volume 2 repositories
Red Nile (talk | contribs)
Added guide on how to set up HTTPS for your web server and account portal.
Line 41: Line 41:
#Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
#Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
#: [[File:Xampp1.jpg|thumb|none]]
#: [[File:Xampp1.jpg|thumb|none]]
== Port forwarding ==
If your server is behind a router, you will need to set up some more port forwarding rules on your router, so that traffic arriving meant for your web server is allowed through the router and sent to your server.  This is done by connecting to the Admin page for your router in a web browser (usually 192.168.1.1, may differ slightly depending on the brand of router), and setting up port forwarding rules (often under the WAN section).
Set up 2 port forwarding rules, with the external ports as below and the Local IP Address as that of your web server (192.x.x.x, replace the x's with your address).
* External Port 80, Protocol: TCP (this is for http traffic)
* External Port 443, Protocol: TCP (this is for https traffic)


== Set up HTTPS ==
== Set up HTTPS ==
It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only.  But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.
It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only.  But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.


To Do: add steps for obtaining HTTPS certificates and setting them up on the server
This requires having a domain set up for yourself.  Either by using a [[Volume_2_Modifying_Server_For_External_Access#(Optional)_Dynamic_DNS_setup|Dynamic DNS]] for free, or by purchasing a domain name from somewhere for a small annual fee. 
 
These instructions use the site https://zerossl.com/free-ssl.  There are other sites out there that provide similar services, this is just an example of a fairly user-friendly site.
#Create some new folders: C:\xampp\certificates and C:\xampp\htdocs\.well-known\acme-challenge.
#Ensure that your Apache server is started, through your xampp Control Panel
#Visit https://zerossl.com/free-ssl/#howtocrt.  Reading through the first section is recommended, it explains a few things about the process.  Then click on {{ms|Start SSL Certificate Wizard.}}
#Enter your email address so that you will be notified when your certificate is about to expire so that you can renew it.  Enter your domain name.
#Select HTTP verification, accept the TOS, accept the Subscriber agreement, click on Next.
#: [[File:Zerossl1.jpg|thumb|none]]
#Click No when asked if you want to include the www-prefixed version too.
#Click on Download to get a copy of the Certificate Signing Request(CSR) that gets generated.  Save it to C:\xampp\certificates.  Click on Next.
#: [[File:Zerossl2.jpg|thumb|none]]
#Click on Download to get a copy of the Account Key that gets generated.  Save it to C:\xampp\certificates.  Click on Next.
#: [[File:Zerossl3.jpg|thumb|none]]
#Click on Download to get a copy of the verification file that gets generated.  Save it to C:\xampp\htdocs\.well-known\acme-challenge.  Click on Next.
#: [[File:Zerossl4.jpg|thumb|none]]
#Read the page that tells you your certificate is ready.  Write down your account ID somewhere. 
#Click on the two download links to get a copy of the domain certificate file and the domain key file that get generated.  Save them to C:\xampp\certificates as domain-crt.txt and domain-key.txt.
#Edit the file C:\xampp\apache\conf\extra\httpd-vhosts.conf.  Change the text of the file below the commented out section to read the following, replacing all the instances of yourhost.domain.org with your own domain name.
<nowiki><VirtualHost *:80>
    ServerName yourhost.domain.org
#Redirect http requests to https
Redirect permanent "/" "https://yourhost.domain.org"
    ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log"
    CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common
</VirtualHost>
 
<VirtualHost *:443>
    ServerName yourhost.domain.org
    DocumentRoot "${SITEROOT}"
    ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log"
    CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common
SSLEngine on
    SSLCertificateFile "${CERTROOT}/domain-crt.txt"
    SSLCertificateKeyFile "${CERTROOT}/domain-key.txt"
</VirtualHost></nowiki>
*Stop and restart your Apache server using the xampp Control Panel.  If all went well, you should be able to access https://yourhost.domain.org, and it will take you to the main page of the web portal.  Also, if you try to go to http://yourhost.domain.org, it should redirect you to the secure https://yourhost.domain.org.

Revision as of 20:21, 3 July 2019

Error creating thumbnail: File missing

Account Portal is a PHP web application that you run on a web server so that players can connect to a web page and create their own accounts and change their passwords without the server owner having to do manual inserts into the database.

Install Web Server

XAMPP is an easy to install distribution of the Apache web server that also contains some other useful tools. The Apache web server is what will be hosting your Account Portal application for creating accounts and changing passwords for your City of Heroes server.

  1. Install XAMPP 7.3.4 or greater into C:\xampp. For the account portal, the only option required is Apache, though installing all the features is a good idea if there's a chance you might use the server for other things like hosting forums or setting up a FTP server for transferring files.
  2. Install the Microsoft PHP drivers for SQL Server into C:\xampp\php\ext
  3. Modify your C:\xampp\php.ini and add the following sqlsrv extensions to the Dynamic Extensions section. Use version 7.3, thread-safe:
    extension=php_sqlsrv_73_ts_x64
    extension=php_pdo_sqlsrv_73_ts_x64
  4. Add C:\xampp\php to your Path windows system environment variable. (click Start, type environment, click on Edit the system environment variables, edit the Path system variable, add a new entry for C:\xampp\php)

Clone Repository

Obtain the Account Portal source code from the latest version of the master branch on GitHub. Example using the SourceTree app (see Install SourceTree) for Git:

  1. If you do not already have one, create a new account at GitHub (different account from the OuroDev Git account)
  2. Run SourceTree. If you already have other tabs open, click on the + at the top of the screen to create a new tab.
    Error creating thumbnail: File missing
  3. Click on Clone at the top of the page.
    Error creating thumbnail: File missing
  4. Enter the Source Path: https://github.com/auroris/City-of-Heroes-Account-Portal This will prompt you for credentials, use your GitHub account.
  5. Enter the Destination Path: C:\Git\CoX\City-of-Heroes-Account-Portal
  6. Leave the rest as the defaults, and click on Clone. This will copy the latest files from the master branch to your destination path on your hard drive.
    Error creating thumbnail: File missing
  7. Copy all of the files from C:\Git\CoX\City-of-Heroes-Account-Portal to C:\xampp\htdocs

Configure Account Portal

  1. Open a windows command prompt and type the following to download some required library files:
    cd C:\xampp\htdocs
    php composer.phar install
  2. Copy dbquery.exe into C:\Ouroboros\bin. Either download the file from http://build.ourodev.com/ (not available yet, will be added there shortly) or build it yourself from the CoX/Source repository (see Clone Volume 2 repositories): in Visual Studio, open C:\Git\CoX\Source\MasterSolution\MasterSolution.sln, right-click on dbquery in the list and select build. The dbquery.exe file should show up in the C:\Git\CoX\Source\Mapserver folder, then you can copy it from there into C:\Ouroboros\bin.
  3. Go into C:\xampp\htdocs\config. Rename config.env.example to config.env and edit the file:
    1. Change the db_password to your database server's credentials.
    2. Change the dbquery entry to: dbquery="C:\\Ouroboros\\bin\\dbquery.exe".
    3. Change the portal_name to the name of your server, this will show on the web page when people visit your account portal web page.
    4. Change your portal_key and portal_iv. Just put some random typing as the values here.
  4. Add a unique index to column uid on cohauth.dbo.user_account to reduce the possibility of account uid collisions when multiple people are creating accounts at the same time. Open SQL Server Management Studio, expand "Databases", then right click on cohauth and select "New Query" from the menu. Paste this into the new query, then click on Execute:
    CREATE UNIQUE INDEX AccountUID ON cohauth.dbo.user_account (uid);
  5. Double-click on C:\xampp\xampp_control.exe. This will show you a user interface for starting, stopping, and configuring the Apache web server as well as the other applications that came with XAMPP.
  6. Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
    Error creating thumbnail: File missing

Port forwarding

If your server is behind a router, you will need to set up some more port forwarding rules on your router, so that traffic arriving meant for your web server is allowed through the router and sent to your server. This is done by connecting to the Admin page for your router in a web browser (usually 192.168.1.1, may differ slightly depending on the brand of router), and setting up port forwarding rules (often under the WAN section).

Set up 2 port forwarding rules, with the external ports as below and the Local IP Address as that of your web server (192.x.x.x, replace the x's with your address).

  • External Port 80, Protocol: TCP (this is for http traffic)
  • External Port 443, Protocol: TCP (this is for https traffic)

Set up HTTPS

It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only. But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.

This requires having a domain set up for yourself. Either by using a Dynamic DNS for free, or by purchasing a domain name from somewhere for a small annual fee.

These instructions use the site https://zerossl.com/free-ssl. There are other sites out there that provide similar services, this is just an example of a fairly user-friendly site.

  1. Create some new folders: C:\xampp\certificates and C:\xampp\htdocs\.well-known\acme-challenge.
  2. Ensure that your Apache server is started, through your xampp Control Panel
  3. Visit https://zerossl.com/free-ssl/#howtocrt. Reading through the first section is recommended, it explains a few things about the process. Then click on Start SSL Certificate Wizard.
  4. Enter your email address so that you will be notified when your certificate is about to expire so that you can renew it. Enter your domain name.
  5. Select HTTP verification, accept the TOS, accept the Subscriber agreement, click on Next.
    Error creating thumbnail: File missing
  6. Click No when asked if you want to include the www-prefixed version too.
  7. Click on Download to get a copy of the Certificate Signing Request(CSR) that gets generated. Save it to C:\xampp\certificates. Click on Next.
    Error creating thumbnail: File missing
  8. Click on Download to get a copy of the Account Key that gets generated. Save it to C:\xampp\certificates. Click on Next.
    Error creating thumbnail: File missing
  9. Click on Download to get a copy of the verification file that gets generated. Save it to C:\xampp\htdocs\.well-known\acme-challenge. Click on Next.
    Error creating thumbnail: File missing
  10. Read the page that tells you your certificate is ready. Write down your account ID somewhere.
  11. Click on the two download links to get a copy of the domain certificate file and the domain key file that get generated. Save them to C:\xampp\certificates as domain-crt.txt and domain-key.txt.
  12. Edit the file C:\xampp\apache\conf\extra\httpd-vhosts.conf. Change the text of the file below the commented out section to read the following, replacing all the instances of yourhost.domain.org with your own domain name.
<VirtualHost *:80>
    ServerName yourhost.domain.org
	#Redirect http requests to https
	Redirect permanent "/" "https://yourhost.domain.org"
    ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log"
    CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common
</VirtualHost>

<VirtualHost *:443>
    ServerName yourhost.domain.org
    DocumentRoot "${SITEROOT}"
    ErrorLog "${SITEROOT}/logs/yourhost.domain.org-error.log"
    CustomLog "${SITEROOT}/logs/yourhost.domain.org-access.log" common
	SSLEngine on
    SSLCertificateFile "${CERTROOT}/domain-crt.txt"
    SSLCertificateKeyFile "${CERTROOT}/domain-key.txt"
</VirtualHost>