2024-02-09 21:05:31 +01:00
|
|
|
# factoriauth - an unofficial [Factorio](https://factorio.com) authentication server
|
|
|
|
|
|
|
|
Let's say you and your friends are
|
|
|
|
- on an oil rig,
|
|
|
|
- in space, or
|
|
|
|
- in the far future,
|
|
|
|
|
|
|
|
and you want to host a Factorio server. Because you don't have an internet connection (or the
|
|
|
|
official authentication servers don't exist anymore), your only option is to disable
|
|
|
|
`require_user_verification` in the server config - but this allows anyone to connect as any user,
|
|
|
|
which is no good, especially for PvP scenarios! Wouldn't it be great if you could set up your own
|
|
|
|
authentication server?
|
|
|
|
|
|
|
|
factoriauth is exactly that. It allows clients to log in as custom users provided by one of several
|
|
|
|
authentication backends (e.g. LDAP or a passwd-style file), and allows servers to validate that
|
|
|
|
these custom users are properly authenticated.
|
|
|
|
|
|
|
|
## Roadmap
|
|
|
|
|
|
|
|
### Complete
|
|
|
|
|
2024-02-10 20:08:47 +01:00
|
|
|
- server padlock generation (`POST /generate-server-padlock-2`)
|
|
|
|
- `user_server_key` generation (`POST /generate-user-server-key-2`)
|
|
|
|
- [user token generation](https://wiki.factorio.com/Web_authentication_API) and storage (`POST
|
|
|
|
/api-login`), without any actual authentication
|
2024-02-10 22:46:44 +01:00
|
|
|
- LDAP auth backend
|
2024-02-09 21:05:31 +01:00
|
|
|
|
|
|
|
### Planned
|
|
|
|
|
2024-02-10 22:46:44 +01:00
|
|
|
- more auth backends: user file, PAM(?)
|
2024-02-09 21:05:31 +01:00
|
|
|
- server padlock proxying (to allow e.g. factorio.com users to join servers using a custom auth
|
|
|
|
server)
|
|
|
|
|
|
|
|
### Unplanned
|
|
|
|
|
|
|
|
- [updater server functionality](https://wiki.factorio.com/Download_API)
|
|
|
|
- [mods server functionality](https://wiki.factorio.com/Mod_portal_API)
|
|
|
|
- [multiplayer lobby server functionality](https://wiki.factorio.com/Matchmaking_API)
|
|
|
|
|
|
|
|
## Setup
|
|
|
|
|
|
|
|
### Configuring factoriauth
|
|
|
|
|
2024-02-10 23:11:39 +01:00
|
|
|
Copy `config.toml.example` to `config.toml` and adjust as necessary.
|
2024-02-09 21:05:31 +01:00
|
|
|
|
|
|
|
### Configuring clients/servers
|
|
|
|
|
|
|
|
To use the auth server, the following snippet needs to be added to the clients' and servers'
|
|
|
|
`config.ini`, replacing the URL of the server as appropriate:
|
|
|
|
|
|
|
|
```ini
|
|
|
|
[servers]
|
|
|
|
auth-server=https://my-auth-server.example/
|
|
|
|
```
|
|
|
|
|
2024-02-10 23:11:39 +01:00
|
|
|
NOTE: If a client isn't entirely offline, you also need to override the updater server to an
|
2024-02-10 11:32:58 +01:00
|
|
|
invalid/unreachable address, otherwise the client will contact it with an invalid token on startup
|
|
|
|
and prompt for a re-login:
|
|
|
|
|
|
|
|
```ini
|
|
|
|
[servers]
|
|
|
|
updater-server=http://invalid.example
|
|
|
|
```
|
|
|
|
|
2024-02-09 21:05:31 +01:00
|
|
|
### Running factoriauth
|
|
|
|
|
2024-02-10 23:11:39 +01:00
|
|
|
Either use `cargo install --path .` and follow its instructions for how to update `$PATH`, then run
|
|
|
|
`factoriauth`, or run the program straight from the repository: `cargo run`.
|