Plugins: Provide limited login key in environment variable

adam12

I'd love to see a way for DirectAdmin to provide a temporary login key for the user running the plugin. This would let me make API calls back into DirectAdmin without a) prompting them for their password or b) storing a login key or password for a super user and then having to securely fetch it through an elevated permission model (suid bin, etc.).

This login key could be removed at the end of the plugin execution, or have a short expiry, etc.
 
Replying to myself:

Looks like this was already possible in 2004 from this thread and this feature.

But from what I can see, it seems to be currently broken, with this workaround or this one maybe being a solution, but really not an optimal one.

Here's the error message:

Rejected session for user admin because IP (0:0:0:0:0:0:0:1) doesn't match session file (my-remote-ip-of-user-logged-in)
 
For any sessions, if you're getting that error, just shut off the IP check:
https://www.directadmin.com/features.php?id=443

Some client systems rotate connections from their IPv6 to their IPv4 IP, so enforcing a constant IP won't work.
It's one less layer of security, but the odds of your cookie getting sniffed are fairly low. Just make sure you're running DA with https so the password and session cookies are all encrypted.

John
 