Friend list and console commands

[sirkitree]

I'm sure this would take some coordination on the front-end and back-end here, but there is a request for a friend list in Janus which I think also kinda ties in with this request for some console commands.

It would seem that there are some todos in the server codebase for authentication and since there are places that reference the userid in the server, I think it would be a good candidate for saving and tracking this sort of data. Perhaps the commands could be implemented in Node with commander and an api provided for the Janus front-end to execute these commands wither through console or with a UI.

Thoughts?

[UXVirtual]

Commander looks interesting. I'm assuming you can opt to provide your own string instead of using process.argv so you could read commands out of users chat text that way? Without any modifications to the JanusVR client you could add basic command parsing to the server in the Session.prototype.chat method in line 143 of src/Session.js. This would allow the existing chat functionality to be utilised. Currently there is no way to broadcast chat responses from the server to a single specific user which would be required for feedback on commands. Implementing it this way first would offer more flexibility for future development as new commands would not require changes to JanusVR client before they can be developed. It would be easy enough to add on UI to JanusVR at a later date for supported commands which would trigger commands over chat for the user.

Session.prototype.chat would also need to be extended to also allow the user to authenticate and store an encrypted password. These passwords could also be saved to a MySQL database or a file on disk (maybe provide both of these options for easier set up when developing locally) for long term storage so passwords will persist when the server restarts.

I'm not going to have time to look into this functionality today, but will probably get a chance later on in the week.

[UXVirtual]

I also imagine that including permission levels could be useful in the authentication system so that moderators and admins could trigger certain commands.

[UXVirtual]

One other thought... If we're going to be sending user passwords to the server it may pay to research ways of creating encrypted sockets between the JanusVR client and the server. Currently all data sent through the socket is sent in plain text and could be exploited via man-in-the-middle attacks or packet sniffing on the same network.

[sirkitree]

Some work being done on authentication: http://metaverse.systems/janus-auth/index.php

Reddit thread: http://www.reddit.com/r/janusVR/comments/3b9mmu/plugin_authentication_for_janus_server/