Braincase user sync - hamstar/Braincase GitHub Wiki

Back to Command Line Tools

Syncs users between dokuwki and linux.

It does this by checking for changes to the dokuwiki users file /etc/dokuwiki/auth.users.php and creating the user in linux.

However a better way of doing this would be to force the notifying of user accounts from dokuwiki. Then have a plugin that catches the email and dumps it to disk in json format. Then this script takes the json file creates the user in linux etc, and emails the user to tell them everything is setup.

This would present a security hole in the password is saved to disk for at least 1 minute with the password in clear text. It is possible to prevent anyone but the www-data user reading it however and the email could include a link for the user to reset their password.

To have complete security this way would be best though:

• Force the user to click a confirmation link, that forces a password change before they even sign into dokuwiki
• Force a password reset when the try to login through the shell