DOKK / manpages / debian 12 / libbot-basicbot-pluggable-perl / Bot::BasicBot::Pluggable::Module::Auth.3pm.en
Bot::BasicBot::Pluggable::Module::Auth(3pm) User Contributed Perl Documentation Bot::BasicBot::Pluggable::Module::Auth(3pm)

Bot::BasicBot::Pluggable::Module::Auth - authentication for Bot::BasicBot::Pluggable modules

version 1.20

This module catches messages at priority 1 and stops anything starting with '!' unless the user is authed. Most admin modules, e.g. Loader, can merely sit at priority 2 and assume the user is authed if the !command reaches them. If you want to use modules that can change bot state, like Loader or Vars, you almost certainly want this module.

The default user is 'admin' with password 'julia'. Change this.

!auth <username> <password>
Authenticate as an administrators. Logins timeout after an hour.
!adduser <username> <password>
Adds a user with the given password.
!deluser <username>
Deletes a user. Don't delete yourself, that's probably not a good idea.
!password <old password> <new password>
Change your current password (must be logged in first).
!users
List all the users the bot knows about.

This variable specifies the admin password. Its normally set via the !password directive and defaults to 'julia'. Please change this as soon as possible.
If this variable is true, the implicit authentication handling is disabled. Every module will have to check for authentication via the authed method, otherwise access is just granted. This is only useful to allow modules to handle directives starting with an exclamation mark without needing any authentication. And to make things even more interesting, you won't be warned that you haven't authenticated, so modules needing authentication will fail without any warning. It defaults to false and should probably never be changed. You've been warned.

The only useful method is "authed()":

Returns 1 if the given username is logged in, 0 otherwise: 

  if ($bot->module("Auth")->authed("jerakeen")) { ... }

All users are admins. This is fine at the moment, as the only things that need you to be logged in are admin functions. Passwords are stored in plaintext, and are trivial to extract for any module on the system. I don't consider this a bug, because I assume you trust the modules you're loading. If Auth is not loaded, all users effectively have admin permissions. This may not be a good idea, but is also not an Auth bug, it's an architecture bug.

Mario Domgoergen <mdom@cpan.org>

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

2022-10-14 perl v5.34.0