Minetest 2-factor Authentication Service[mt2fa]
Posted: Sun Jan 07, 2018 08:27
For the past weeks I have been working on an idea to solve several issues that currently exist due to the way minetest handles usernames and passwords, and I've made a solution that I will be sharing with everyone:
Minetest 2-Factor Authentication Service
This service consists of a mod and a backend that together create a 2-factor authentication service. This service creates a way for players, and for server owners, to create "trust" that can be verified. This "trust" is created by providing an email address, and this email address will be used by the service to confirm that the person who wants to interact (login, change IP address of the server, etc.) is actually in control of that email address.
Together, this allows server owners to verify that returning players are actually who they say they are, and players can verify that they're actually logging in on the correct server. If changes occur, for instance, the server changes IP address, then all transactions are on hold for that server until the server owner confirms the IP address.
Servers becomes a trusted thing. A server owner needs to register their server with the service, before they can have players register or authenticate. If the server changes IP addresses, the server owner will need to confirm this change.
Persons can register from any trusted server using an email address. This links the playername on that server to their identity. The email address is not stored on the game server, but will only be sent to the -factor server. Once the person confirms the identity, it can be used on other servers, and even on the same gameserver again for other player accounts.
Players become trusted on every server due to their connection to the registered Identity. This allows a person to have many identities, either on the same or on different servers.
Interactions:
The game server, the 2-factor service (from here on: mt2fa) interact through HTTPS. In general, events on the game server cause the sending of requests to the mt2fa service. If required, the player or server owner will sent an email with a confirmation token that they need to "click". This sends another HTTPS message back to the mt2fa service that the request is legitimate and confirmed. Meanwhile the game server sees the confirmation and the requested data is exchanged and the required changes are made.
In this way, the following things can happen:
- the game server owner registers the server
- the game server owner confirms an IP address change for a registered server
- the player registers their identity
- the player connects their identity to a playername on a specific game server
- the player authenticates on a specific game server
- the game server inquires whether a player must authenticate or not
What happens next is up to the server owner. They can decide to "enforce" or not:
- the server can require registration of users - either for all users, or for some, or for none
- the server can require authentication of users- either for all users, or for some, or for none
But, the player also gets to choose and force the server if they want to:
- if registration is not required for a user, they can still register themselves
- if authentication is not required for a user, they can still force the server to authenticate them
If registration or authentication is required for a player, or requested by themselves explicitly, they must complete this before a grace period expires, otherwise they will be removed from the server. During the grace period, the player will not have any player privs, and, if any of the interactions fail, the player will be removed from the server.
You can see that some server owners would make registration required for all players for instance, or authentication required for moderators and players with special privileges!
As of now, I have planned several more features:
- allowing a player to reset their passwords on a server, without interaction of the server owner
- allowing a player to change their email for their identify.
- allowing a server owner to change the email for their registered server.
Why am I writing this?
- some way to create a level of trust that allows players to say "it's really me" and having an actuall way to verify that, will certainly help some servers to open up to more players from the internet.
- some way for players to stay in control over their accounts on servers, prevent account sharing and borrowing and just being a little bit more careful with it.
- some way for players to recover a lost password without interaction, in a safe and validated way.
- a way for server owners to show the same level of trust - players can now verify and know that server owners also have to confirm their identity, and so there's a way to spot "stolen" server identities.
Are you using this yourself?
No. I do not intend to enable this for my own server. The server I run does not suffer from most of the problems that this is intended to solve due to its unique nature. I may change my mind in the future but for now I don't see a reason to.
How do I enable this or use this?
I have deployed a public instance of the mt2fa service. I will run this service and everyone is free to use it for the purposes shown above. I will also post a server `mod` that allows your server to use all the functionality listed above, and all the code (including all the server code) so that you can verify what it does, and help me develop it further.
You can run your own mt2fa instance, but I would not recommend it, as this would make things more complex for players, since then they would have identifies on several mt2fa servers. However, I won't stop you from doing this.
I will maintain and keep maintained the mt2fa public instance. You and anyone running a minetest server can use it as long as you want.
What about privacy?
I will post a privacy policy soon. It will be reasonable, there will be no sharing of any personal data, email etc. unless required by law. We will not post any specific data but we will monitor usage and make statistics available but not anything with personal data (emails).
Show me the code already!
This is the part you want for your server:
Minetest server mod Project: https://github.com/sofar/mt2fa
License: ISC
Dependencies: none
Archive download: https://github.com/sofar/mt2fa/archive/master.zip
You don't need this, you can, and probably should, use the public mt2fa server URL instead:
MT2FA Service daemon Project: https://github.com/sofar/mt2fa-server
License: ISC
Dependencies: nginx or apache,
Archive download: https://github.com/sofar/mt2fa-server/a ... master.zip
(Binaries for x86_64 linux will be posted at a later stage).
Minetest 2-Factor Authentication Service
This service consists of a mod and a backend that together create a 2-factor authentication service. This service creates a way for players, and for server owners, to create "trust" that can be verified. This "trust" is created by providing an email address, and this email address will be used by the service to confirm that the person who wants to interact (login, change IP address of the server, etc.) is actually in control of that email address.
Together, this allows server owners to verify that returning players are actually who they say they are, and players can verify that they're actually logging in on the correct server. If changes occur, for instance, the server changes IP address, then all transactions are on hold for that server until the server owner confirms the IP address.
Servers becomes a trusted thing. A server owner needs to register their server with the service, before they can have players register or authenticate. If the server changes IP addresses, the server owner will need to confirm this change.
Persons can register from any trusted server using an email address. This links the playername on that server to their identity. The email address is not stored on the game server, but will only be sent to the -factor server. Once the person confirms the identity, it can be used on other servers, and even on the same gameserver again for other player accounts.
Players become trusted on every server due to their connection to the registered Identity. This allows a person to have many identities, either on the same or on different servers.
Interactions:
The game server, the 2-factor service (from here on: mt2fa) interact through HTTPS. In general, events on the game server cause the sending of requests to the mt2fa service. If required, the player or server owner will sent an email with a confirmation token that they need to "click". This sends another HTTPS message back to the mt2fa service that the request is legitimate and confirmed. Meanwhile the game server sees the confirmation and the requested data is exchanged and the required changes are made.
In this way, the following things can happen:
- the game server owner registers the server
- the game server owner confirms an IP address change for a registered server
- the player registers their identity
- the player connects their identity to a playername on a specific game server
- the player authenticates on a specific game server
- the game server inquires whether a player must authenticate or not
What happens next is up to the server owner. They can decide to "enforce" or not:
- the server can require registration of users - either for all users, or for some, or for none
- the server can require authentication of users- either for all users, or for some, or for none
But, the player also gets to choose and force the server if they want to:
- if registration is not required for a user, they can still register themselves
- if authentication is not required for a user, they can still force the server to authenticate them
If registration or authentication is required for a player, or requested by themselves explicitly, they must complete this before a grace period expires, otherwise they will be removed from the server. During the grace period, the player will not have any player privs, and, if any of the interactions fail, the player will be removed from the server.
You can see that some server owners would make registration required for all players for instance, or authentication required for moderators and players with special privileges!
As of now, I have planned several more features:
- allowing a player to reset their passwords on a server, without interaction of the server owner
- allowing a player to change their email for their identify.
- allowing a server owner to change the email for their registered server.
Why am I writing this?
- some way to create a level of trust that allows players to say "it's really me" and having an actuall way to verify that, will certainly help some servers to open up to more players from the internet.
- some way for players to stay in control over their accounts on servers, prevent account sharing and borrowing and just being a little bit more careful with it.
- some way for players to recover a lost password without interaction, in a safe and validated way.
- a way for server owners to show the same level of trust - players can now verify and know that server owners also have to confirm their identity, and so there's a way to spot "stolen" server identities.
Are you using this yourself?
No. I do not intend to enable this for my own server. The server I run does not suffer from most of the problems that this is intended to solve due to its unique nature. I may change my mind in the future but for now I don't see a reason to.
How do I enable this or use this?
I have deployed a public instance of the mt2fa service. I will run this service and everyone is free to use it for the purposes shown above. I will also post a server `mod` that allows your server to use all the functionality listed above, and all the code (including all the server code) so that you can verify what it does, and help me develop it further.
You can run your own mt2fa instance, but I would not recommend it, as this would make things more complex for players, since then they would have identifies on several mt2fa servers. However, I won't stop you from doing this.
I will maintain and keep maintained the mt2fa public instance. You and anyone running a minetest server can use it as long as you want.
What about privacy?
I will post a privacy policy soon. It will be reasonable, there will be no sharing of any personal data, email etc. unless required by law. We will not post any specific data but we will monitor usage and make statistics available but not anything with personal data (emails).
Show me the code already!
This is the part you want for your server:
Minetest server mod Project: https://github.com/sofar/mt2fa
License: ISC
Dependencies: none
Archive download: https://github.com/sofar/mt2fa/archive/master.zip
You don't need this, you can, and probably should, use the public mt2fa server URL instead:
MT2FA Service daemon Project: https://github.com/sofar/mt2fa-server
License: ISC
Dependencies: nginx or apache,
Archive download: https://github.com/sofar/mt2fa-server/a ... master.zip
(Binaries for x86_64 linux will be posted at a later stage).