2FA via Fediverse account, based on the original mod https://content.minetest.net/packages/mt-mods/otp/ by BuckarooBanzai
Lets Fediverse players use the /fediauth_on command to protect their account with a second factor.
Players that have the FediAuth enabled have to enter a verification code upon joining the game, the code will be sent to their account handle (@nick@example.com).
That mod requires add to secure.http_mods = fediauth for sending codes from service account (any mastodon API compatible instance)
Add fediauth.instance = example.com and fediauth.api_token = secret for work this mod.
Also you can enable fediauth.fedi_required option and players who not have fediverse account can't play on server
NOTE for server admins: remember, minetest can't revoke privileges from server admin (without change builtin lua code), for mitigation of it use separate account for administrative purposes and better secure way - terminal via ssh.
(now it mitigated, but not panic if you got locked in --terminal - just input /fediauth_unlock [random code above in console]; or just join to world as admin, also you can manage your server via szutil_consocket)
NOTE: this mod conflicts with original otp
License
- Code:
MIT - "basexx.lua"
MIThttps://github.com/aiq/basexx/blob/master/lib/basexx.lua
Textures:
- fediverse.png from https://commons.wikimedia.org/wiki/File:Fediverse_logo_proposal.svg by Eukombos, CC0 1.0
- checkmark.png (aka blobfoxcheck.png) from https://volpeon.ink/projects/emojis/blobfox/ by Feuerfuchs me@feuerfuchs.dev, Apache 2.0
Cool mod!
I love 2FA mods! this mod make a server safer!