Colloquy Authorisers
~~~~~~~~~~~~~~~~~~~~

Colloquy stores user information in a single file on disc.  This includes
their username, password, location, occupation, last connection site,
talk time and such.  Normally, the password is stored as the MD5 hash of
the username and their password concatenated in this file, along with
their other information.  However, you can also define an "authoriser"
helper program, that will be used to authenticate a user, instead of
using the MD5 hash stored internally.

When a user is normally created by a master, they specify their username and 
their initial password using the .newuser command.  If the master then wants 
this user to be authenticated to an external authoriser, instead of the one 
inside colloquy, they can set a field in the user's infomation which 
specifies an authoriser, and what username to use:

  .userinfo username authenticator user@host:port

This tells colloquy that the user "username" is authenticated by connecting 
to the computer "host" on "port", and using the user name "user".

Colloquy connects to the authoriser via TCP, and uses the following protocol.  

Colloquy makes use of a connection to an authoriser only once, and closes the
connection once it has received an answer.  Passwords are send in the clear.
If this concerns you, remember the following:

  1) The password has been sent over the wire in the clear once
     already (the user provided it when logging on.)
  2) You can always run the authoriser locally.
  3) If you can't run it locally, you can always use stunnel or
     similar if you're still paranoid.

  Colloquy asks:       auth <user> <password>\n
  Authoriser replies:  auth <code> <message>\n

Colloquy wishes to know if <password> is valid for <user>.  The authoriser 
should reply, with <code> as "1" if the password is valid, or "0" if 
authentication failed.  (Be it an invalid password, or a networking problem,
or similar.)  Colloquy will display the message specified in either case, to 
the user.

  Colloquy asks:       pass <user> <old> <new>\n
  Authoriser replies:  pass <code> <message>\n

Colloquy wishes to change <user>'s password from <old> to <new>. The return 
code and message are the same for normal authentication.
