Archive:Account Portal: Difference between revisions

From OuroDev
No edit summary
Red Nile (talk | contribs)
Updated steps for installing and setting up Account Portal
Line 1: Line 1:
[[File:Account-Portal-Cover.jpg|thumb]]
[[File:Account-Portal-Cover.jpg|thumb]]


A PHP application to allow users to create their own accounts and change their passwords.  
A PHP web application that you run on a web server so that players can connect to a web page and create their own accounts and change their passwords without the server owner having to do manual inserts into the database.


Obtain the source code from Github (https://github.com/auroris/City-of-Heroes-Account-Portal)
== Install Web Server ==
XAMPP is an easy to install distribution of the Apache web server that also contains some other useful tools. The Apache web server is what will be hosting your Account Portal application for creating accounts and changing passwords for your City of Heroes server.


== Note ==
# Install [https://www.apachefriends.org/index.html XAMPP] 7.3.4 or greater into {{ms|C:\xampp}}.  For the account portal, the only option required is Apache, though installing all the features is a good idea if there's a chance you might use the server for other things like hosting forums or setting up a FTP server for transferring files.
Version 1.0 has a possible SQL injection exploit. Make sure to use the newest version or try out version 2.0
# Install the [https://www.microsoft.com/en-us/download/details.aspx?id=57916 Microsoft PHP drivers for SQL Server] into {{ms|C:\xampp\php\ext}}
# Modify your {{ms|C:\xampp\php.ini}} and add the following sqlsrv extensions to the {{ms|Dynamic Extensions}} section. Use version 7.3, thread-safe:
#:{{ms|<nowiki>extension=php_sqlsrv_73_ts_x64</nowiki>}}
#:{{ms|<nowiki>extension=php_pdo_sqlsrv_73_ts_x64</nowiki>}}
#Add {{ms|C:\xampp\php}} to your {{ms|Path}} windows system environment variable. (click Start, type {{ms|environment}}, click on Edit the system environment variables, edit the Path system variable, add a new entry for C:\xampp\php)


==Instructions==
== Clone Repository ==
Obtain the Account Portal source code from the latest version of the master branch on GitHub.  Example using the SourceTree app (see [[Volume_2_Build#Install_SourceTree|Install SourceTree]]) for Git:
#If you do not already have one, create a new account at [https://github.com GitHub] (different account from the OuroDev Git account)
#Run SourceTree.  If you already have other tabs open, click on the + at the top of the screen to create a new tab.
#: [[File:Sourcetree3.jpg|thumb|none]]
#Click on Clone at the top of the page.
#: [[File:Sourcetree1.jpg|thumb|none]]
#Enter the Source Path: {{ms|<nowiki>https://github.com/auroris/City-of-Heroes-Account-Portal</nowiki>}} This will prompt you for credentials, use your GitHub account.
#Enter the Destination Path: {{ms|C:\Git\CoX\City-of-Heroes-Account-Portal}}
#Leave the rest as the defaults, and click on Clone.  This will copy the latest files from the master branch to your destination path on your hard drive.
#: [[File:AccountPortal1.jpg|thumb|none]]
#Copy all of the files from {{ms|C:\Git\CoX\City-of-Heroes-Account-Portal}} to {{ms|C:\xampp\htdocs}}


# Install XAMPP for Windows (https://www.apachefriends.org/index.html). You only need the Apache module, unless you're doing other stuff with your server too.
== Configure Account Portal ==
# Install the Microsoft PHP drivers for SQL Server (https://www.microsoft.com/en-us/download/details.aspx?id=57916). If you installed XAMPP into the default location, then the place you want to unpack the PHP drivers is C:\xampp\php\ext
#Open a windows command prompt and type the following to download some required library files:
# Modify your C:\xampp\php.ini and include the sqlsrv extension in your Dynamic Extensions section. XAMPP PHP is version 7.3, thread-safe. See below for specific settings.
#:{ms|cd C:\xampp\htdocs}}
# Restart Apache
#:{ms|php composer.phar install}}
# You will definitely want to modify index.php; you don't want your users creating an account and then attempting to log into my server.
#Copy {{ms|dbquery.exe}} into {{ms|C:\Ouroboros\bin}}. Either download the file from http://build.ourodev.com/ (not available yet, will be added there shortly) or build it yourself: in Visual Studio, open C:\Git\CoX\Source\MasterSolution\MasterSolution.sln, right-click on dbquery in the list and select build. The dbquery.exe file should show up in the C:\Git\CoX\Source\Mapserver folder, then you can copy it from there into C:\Ouroboros\bin.
# I recommend you also set up HTTPS on your Apache server, I used Win-Acme (https://github.com/PKISharp/win-acme). The instructions for Apache is https://github.com/PKISharp/win-acme/wiki/Apache-2.4-basic-usage.
#Go into C:\xampp\htdocs\config.  Rename config.env.example to config.env and edit the file:
##Change the {{ms|db_password}} to your database server's credentials.
##Change the {{ms|dbquery}} entry to: {{ms|<nowiki>dbquery="C:\\Ouroboros\\bin\\dbquery.exe"</nowiki>}}.
##Change the {{ms|portal_name}} to the name of your server, this will show on the web page when people visit your account portal web page.
##Change your portal_key and portal_iv. Just put some random typing as the values here.
#Add a unique index to column uid on cohauth.dbo.user_account to reduce the possibility of account uid collisions when multiple people are creating accounts at the same time.  Open SQL Server Management Studio, expand "Databases", then right click on cohauth and select "New Query" from the menu.  Paste this into the new query, then click on Execute:
#:{{ms|CREATE UNIQUE INDEX AccountUID ON cohauth.dbo.user_account (uid);}}
#Double-click on C:\xampp\xampp_control.exe. This will show you a user interface for starting, stopping, and configuring the Apache web server as well as the other applications that came with XAMPP.
#Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
#: [[File:Xampp1.jpg|thumb|none]]


Have fun :)
== Set up HTTPS ==
It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only.  But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.


==PHP.ini Settings==
To Do: add steps for obtaining HTTPS certificates and setting them up on the server
extension=php_sqlsrv_73_ts_x64
extension=php_pdo_sqlsrv_73_ts_x64

Revision as of 12:53, 1 July 2019

Error creating thumbnail: File missing

A PHP web application that you run on a web server so that players can connect to a web page and create their own accounts and change their passwords without the server owner having to do manual inserts into the database.

Install Web Server

XAMPP is an easy to install distribution of the Apache web server that also contains some other useful tools. The Apache web server is what will be hosting your Account Portal application for creating accounts and changing passwords for your City of Heroes server.

  1. Install XAMPP 7.3.4 or greater into C:\xampp. For the account portal, the only option required is Apache, though installing all the features is a good idea if there's a chance you might use the server for other things like hosting forums or setting up a FTP server for transferring files.
  2. Install the Microsoft PHP drivers for SQL Server into C:\xampp\php\ext
  3. Modify your C:\xampp\php.ini and add the following sqlsrv extensions to the Dynamic Extensions section. Use version 7.3, thread-safe:
    extension=php_sqlsrv_73_ts_x64
    extension=php_pdo_sqlsrv_73_ts_x64
  4. Add C:\xampp\php to your Path windows system environment variable. (click Start, type environment, click on Edit the system environment variables, edit the Path system variable, add a new entry for C:\xampp\php)

Clone Repository

Obtain the Account Portal source code from the latest version of the master branch on GitHub. Example using the SourceTree app (see Install SourceTree) for Git:

  1. If you do not already have one, create a new account at GitHub (different account from the OuroDev Git account)
  2. Run SourceTree. If you already have other tabs open, click on the + at the top of the screen to create a new tab.
    Error creating thumbnail: File missing
  3. Click on Clone at the top of the page.
    Error creating thumbnail: File missing
  4. Enter the Source Path: https://github.com/auroris/City-of-Heroes-Account-Portal This will prompt you for credentials, use your GitHub account.
  5. Enter the Destination Path: C:\Git\CoX\City-of-Heroes-Account-Portal
  6. Leave the rest as the defaults, and click on Clone. This will copy the latest files from the master branch to your destination path on your hard drive.
    Error creating thumbnail: File missing
  7. Copy all of the files from C:\Git\CoX\City-of-Heroes-Account-Portal to C:\xampp\htdocs

Configure Account Portal

  1. Open a windows command prompt and type the following to download some required library files:
    {ms|cd C:\xampp\htdocs}}
    {ms|php composer.phar install}}
  2. Copy dbquery.exe into C:\Ouroboros\bin. Either download the file from http://build.ourodev.com/ (not available yet, will be added there shortly) or build it yourself: in Visual Studio, open C:\Git\CoX\Source\MasterSolution\MasterSolution.sln, right-click on dbquery in the list and select build. The dbquery.exe file should show up in the C:\Git\CoX\Source\Mapserver folder, then you can copy it from there into C:\Ouroboros\bin.
  3. Go into C:\xampp\htdocs\config. Rename config.env.example to config.env and edit the file:
    1. Change the db_password to your database server's credentials.
    2. Change the dbquery entry to: dbquery="C:\\Ouroboros\\bin\\dbquery.exe".
    3. Change the portal_name to the name of your server, this will show on the web page when people visit your account portal web page.
    4. Change your portal_key and portal_iv. Just put some random typing as the values here.
  4. Add a unique index to column uid on cohauth.dbo.user_account to reduce the possibility of account uid collisions when multiple people are creating accounts at the same time. Open SQL Server Management Studio, expand "Databases", then right click on cohauth and select "New Query" from the menu. Paste this into the new query, then click on Execute:
    CREATE UNIQUE INDEX AccountUID ON cohauth.dbo.user_account (uid);
  5. Double-click on C:\xampp\xampp_control.exe. This will show you a user interface for starting, stopping, and configuring the Apache web server as well as the other applications that came with XAMPP.
  6. Stop the Apache service, then start it again, to make sure that all of your changes get loaded correctly.
    Error creating thumbnail: File missing

Set up HTTPS

It is recommended that you set up HTTPS on your Apache server. HTTPS is important because usernames and passwords are being transmitted. HTTPS makes the transmission encrypted, as opposed to just plain text that anybody along the path can see. If you're just hosting for people attached via LAN or a VPN that you control, you're fine to leave it http only. But any internet-facing server that has people creating accounts from web browsers connecting from outside of your LAN should be HTTPS enabled.

To Do: add steps for obtaining HTTPS certificates and setting them up on the server