-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Before any commands can be sent to the server the client has to authenticate with user and password.
The user has to be unique and can exist only once.
This has to be done with the AUTH10
command followed by username and hashed password:
AUTH10|u8:<512 bit hash of password>|u8<length in bytes>|u8:<username>
.
The answer is a unique token generated out of user, password and random information:
TOKN10|u8:<512 bit hash of token>
.
The token can be generated only once for a given user. If the same user tries to generate a token again with another password hash the command is rejected. If the user sends the same username and password hash combination as before the token once generated is returned.
For all later operations the token is used. The token should be saved by the client and used for all operations.
A token can be created all 15 minutes (initially or by removal and recreation) from the client to avoid flooding the database. The client is identified by the ip address. If the timeout is is underrun the error is returend:
Error timeout underrun: STAT10|002
.
The server allows only a certain command queue depth at once to avoid flooding the memory. If the command queue depth is too deep the stream is simply dropped instantly. It would be the same as if the connection gets broken.
If the client wants to change the password of a user the command RETH10
has to be used:
RETH10|u8:<512 bit hash of token>|u8:<512 bit hash of new password>
.
The answer is a new unique token generated and returned as above in case of success.
In case of an error the status is returned:
Error not found: STAT10|001
.
If the client wants to remove a user it has to send the REMV10
command:
REMV10|u8:<512 bit hash of token>
.
In this case all information connected to the user is dropped too.
The answer is a status command STAT10
:
Success: STAT10|000
.
Error not found: STAT10|001
.
The server saves both username and password hash in a user table along with the generated token as primary key.