https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal en https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67373 <p>Thanks for your reply.</p> <p>I ended up doing it differently, by creating and endpoint in our custom REST API (behind oauth2) that generates and returns a password and sets that for the ejabberd user.</p> Mon, 13 Mar 2017 07:51:30 +0000 JohnNL comment 67373 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67370 <div class="quote-msg"> <div class="quote-author"><em>JohnNL</em> wrote:</div> <p>But also the registering of users will be taken over by the custom script.</p></div> <p>Of course! If you configure ejabberd to use your script to verify user passwords when authenticating, then it uses your script to set new passwords.</p> <div class="quote-msg"> <div class="quote-author"><em>JohnNL</em> wrote:</div> <p>If I try to register via web dashboard or ejabberdctl, the user will not be in the list of registered users on web dashboard or in the registered_users response.</p></div> <p>See the option extauth_cache, it may help you regarding administration tools like WebAdmin and commands.<br /> <a href="https://docs.ejabberd.im/admin/configuration/" title="https://docs.ejabberd.im/admin/configuration/">https://docs.ejabberd.im/admin/configuration/</a></p> <div class="quote-msg"> <div class="quote-author"><em>JohnNL</em> wrote:</div> <p>I see an incoming 'tryregister' in my script, but no matter if I respond 0 or 1 the user will not be created in ejabberd.</p></div> <p>What is a "user" to you? To me, a user is a username+password that is verified when a client wants to login, and also the associated data (roster, vcard, offline messages...). In this sense, "creating" a user means registering its credentials (username+password). Later when the user first logins, he can set its basic data (roster contacts, vcard information...).</p> <div class="quote-msg"> <div class="quote-author"><em>JohnNL</em> wrote:</div> <p>So I'll have to keep track of users on my side, but the vcard info is still in ejabberd? That sounds weird and error prone to me.</p></div> <p>Right, your auth script takes care of authentication (as it name indicates). The other user associated information (roster, offline messages, private storage, privacy lists...) is managed by ejabberd.</p> Wed, 08 Mar 2017 10:44:27 +0000 badlop comment 67370 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67363 <p>But also the registering of users will be taken over by the custom script. If I try to register via web dashboard or ejabberdctl, the user will not be in the list of registered users on web dashboard or in the registered_users response. I see an incoming 'tryregister' in my script, but no matter if I respond 0 or 1 the user will not be created in ejabberd.</p> <p>So I'll have to keep track of users on my side, but the vcard info is still in ejabberd? That sounds weird and error prone to me.</p> Tue, 07 Mar 2017 09:16:38 +0000 JohnNL comment 67363 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67359 <p>&gt; So the idea is to do all user related stuff yourself if using `auth_method: external`?</p> <p>Not ALL user related stuff, only AUTH related. So, checking if the user exists, and if the password is valid, will be decided by your external script. Everything else is still stored and managed by ejabberd: vcards, rosters, subscriptions, user presence...</p> Mon, 06 Mar 2017 14:37:27 +0000 badlop comment 67359 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67357 <p>So the idea is to do all user related stuff yourself if using `auth_method: external`?</p> <p>Why can I still set and get vcard info? Those users are not registered users in ejabberd anymore?</p> <p>And can I still get current status or other stuff from ejabberd?</p> Fri, 03 Mar 2017 16:59:01 +0000 JohnNL comment 67357 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67356 <p>My external auth script is in PHP. I don't speak any erlang.</p> <p>I not sure about the idea behind this. Why is it so difficult to leave everything up to ejabberd, except the actual authorisation?</p> Fri, 03 Mar 2017 08:29:36 +0000 JohnNL comment 67356 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67355 <p>My external auth script is in PHP. I don't speak any erlang.</p> <p>I not sure about the idea behind this. Why is it so difficult to leave everything up to ejabberd, except the actual authorisation?</p> Fri, 03 Mar 2017 08:28:53 +0000 JohnNL comment 67355 at https://www.ejabberd.im https://www.ejabberd.im/forum/28697/how-auth-external-script-use-isuser-internal#comment-67353 <p>You would have to modify the source code. For example, enable external, but in it overwrite the relevant functions definitions, that you copy from the internal source code.</p> Thu, 02 Mar 2017 19:55:58 +0000 badlop comment 67353 at https://www.ejabberd.im