Auth Redux Mod v2.14
auth_rx (by sorcerykid)
Auth Redux is a drop-in replacement for the builtin authentication handler of Minetest. It is designed from the ground up to be robust and secure enough for use on high-traffic Minetest servers, while also addressing a number of outstanding engine bugs (including #5334 and #6783 and #4451) as described last year in the Critical bug in builtin authentication handler forum topic.
Recommended Enhancement: The DataMiner Mod extends the capabilities of Auth Redux, providing comprehensive player and server statistics within a graphical user-interface, in addition to an API for custom-tailored log analysis and reporting directly from the command line
Repository:
https://bitbucket.org/sorcerykid/auth_rx
https://gitlab.com/sorcerykid/auth_rx (mirror)
https://notabug.org/sorcerykid/auth_rx (mirror)
Download Archive (.zip)
Download Archive (.tar.gz)
Dependencies:
ActiveFormspecs Mod (optional)
Source Code License:
The MIT License (MIT)
Installation:
Only a few basic steps are required to begin using the Auth_Redux mod immediately with your server.
- Unzip the archive into the mods directory of your game
- Rename the auth_rx-master directory to "auth_rx"
- Execute the conversion scripts (see usage instructions below)
Documentation:
- Introduction
- Basic Database Import
- Advanced Database Import
- Working with Rulesets
- Command-Line Analytics Script
- Database Management Console
- Additional Callback Support
- Migrating to Auth Redux Lite
- Technical Information
Auth Redux provides an efficient and scalable back-end solution for player authentication, making it suitable for even the most demanding server environments. It has been put to the test with a database of over 520,000 registered users -- with no in-game overhead!
High-Performance Journaling System
To protect the master database against corruption and data loss, all transactions are serially recorded within a journal, thereby reducing the frequency and intensity of disk writes. In the event of a server crash or power outage, any pending transactions are committed to the master database.
Stateful Rule-Based Login Filtering
MARS is an easy-to-learn scripting language that affords a first line of defense against unwanted visitors. Both restrictive and permissive security models can be enforced via rulesets, allowing every login request to be filtered according to conditional action-chains with custom error messages.
Expanded Master Database Schema
The master database supports additional metadata to aid in reviewing and monitoring login activity, including the timestamp of the first login, the total time spent playing, the total number of player sessions, etc. This information can prove invaluable for command-line reporting and analysis tools.
Please notify me if you encounter technical problems, such as errors or incompatibilities. Bugs should be reported to the issue tracker.
Auth Redux vs SQLite3
Recently, I decided to benchmark the performance of Auth Redux in order to weed out any potential bottlenecks. So I put it to the test against two different SQLite3 implementations using a database of over 522,000 records from the JT2 server.
Much to my surprise, Auth Redux doesn't suffer at all when it comes to raw speed. It's insanely fast compared to both sauth and the new Minetest 5.0 builtin. For every test, it vastly out-performed these other authentication handlers. I'm talking orders of magnitude in the hundreds and even thousands, as shown by these baseline measurements:
Perhaps, the biggest area of concern for most admins is the execution time during player joins. If a high-traffic server averages around 30 players joining every minute at peak hour, sauth would consume over 20 seconds of CPU cycles (that is 1/3 of server time spent processing authorization). Meanwhile, auth_rx clocks in at just 3.8 milliseconds after 30 player joins.
For each test below, I performed five independent trials and averaged the results to get the most accurate figure possible.
As these benchmarks reveal, there is no discernible benefit to using an SQLite3 backend for authentication over a flat-file database, whether in terms of reliability or performance. If anything, SQLite3 databases are a hindrance when it comes to random access of large volumes of data, and more than likely the culprit for why some high-traffic servers lately are experiencing notable lag spikes.