Jump to content

Public Discord Auth Bot [WIP]


yamamushi

Recommended Posts

So many of you know that I wrote the Authorization system for the Dual Universe Community Discord Bot, which allows for you to link your forum account to Discord so that you can have access to the NDA channels in the DU Community Discord.

 

There are several hundred people using it at the moment, and although it's a bit of a process to use it, it seems to have gone over fairly well.

 

Here are some stats about the current linked backer accounts on Discord:

 

Backer-PieChart-Aug_31_06-36-18.png

 

I was thinking about possibly exporting the account information in the bot database into another database, and creating a separate public Auth bot for discord that would allow for any discord to verify whether or not their members have NDA access.

This would let other groups have their own NDA channels, so they could discuss NDA topics in a safer way.


However, I'm aware that this would have privacy implications for people using the auth bot on the DU Community Discord.

So I am wondering, would anyone be opposed to me doing this, or would you guys rather me not do it and just let other discords figure out their own way of verifying people?

It's not going to hurt my feelings if you guys don't want me to create it, I just thought that perhaps it might be useful for the various communities out there.

Link to comment
Share on other sites

I was considering asking about this a week or so ago for the terran union but I quickly answered my own question. Why do we need our own when we could just have someone verify themselves in the DU discord, and perhaps even ping us in an authorization channel, then have someone apply the appropriate tags to grant that person access to NDA channels.

 

Its less overhead for the other organizations overall, and it verifies you for the DU discord as an added benefit.

 

I don't see why not, but I also don't see as to why either.

Link to comment
Share on other sites

GDPR is not so easy subject. Technicly it apply only with company/organization storing identyfication data, It do not apply to person(not being an organization).

 

So technicly as a person you can have database of other peoples. But company like NQ can't give it to you.

 

For me it's greate idea :) 

Link to comment
Share on other sites

I will work on this bot then, seeing as how many people have told me they'd find a use for it.

 

Obviously, it's going to be open source, but the database it connects to will remain private for (also) obvious reasons.

 

I'll update here or make a new thread when it's ready, and I'll reach out to people who I've spoken to about testing it in their own discords.

 

I'm not a company, so GDPR doesn't apply here. 

 

The authorization process will still start within the DU Community Discord, so members will still need to auth that way, but it will then sync out to individual discords so that permissions are maintained wherever the bot is used. 

 

Of course, individual discords can override the auth on their own servers, but this is merely going to be a way for automating the process so that backer roles are in sync wherever users go. 

 

At the moment I would argue that this is the most trusted verification system for pre-alpha members on Discord, but that will speak for itself over the coming weeks.

Link to comment
Share on other sites

Technically, a bot can connect to your Discord server and compare users ID and groups.

So, all information is already "public".

 

GDPR does not apply to a person (assuming the Discord management is not considered an "organization", I didn't check the GDPR definition and all its local adaptations),

Local legislation does apply though, and sharing personal information without consent is illegal in several EU countries.

In theory, you should inform any player of the implications before they register (if they process, they consent).

 

On the development side, I would start by publishing a list of { discord_id, name, pledge_level } on an API.

- The bot is just sugar on top of it and can be open sourced.

- If someone wants to code his/her own bot, he/she can do so too.

 

@DarkHorizon from an organization perspective, users may not like to give their info to an external Discord, be it the Discord community one.

 

Regards,

Shadow

Link to comment
Share on other sites

@yamamushi

Looks like this bot only works if someone has previously authorized themselves on the unofficial DU Discord. Anyone who has not done so gets an "Error: not found" response.

I may be missing something but it should not be a prerequisite to visit the unofficial discord and register there to be able to use the bot.

Link to comment
Share on other sites

22 hours ago, blazemonger said:

@yamamushi

Looks like this bot only works if someone has previously authorized themselves on the unofficial DU Discord. Anyone who has not done so gets an "Error: not found" response.

I may be missing something but it should not be a prerequisite to visit the unofficial discord and register there to be able to use the bot.

 

*Official Dual Universe Discord ? 

Of course, the Discord Staff has been aware of this handover, we just couldn't tell anyone. 

The reasons for the requirement of authing on it should be more clear now, it wasn't an arbitrary decision ?

 



 

Link to comment
Share on other sites

The operation of the official discord server was approved before being handed over, it was done with the agreement that nothing would be changing about the day to day operation or the functionality of the bots or auth process. 

 

As I said in a previous comment, it would soon become apparent why this is the most trusted authorization process for Discord. 

 

It's not like this stuff is closed source, and I have always been willing to let people contribute to it, just nobody has ever taken the initiative to submit code for it, and up till now, it has only been me working on the bots. 

Link to comment
Share on other sites

Yeah no, there shouldn't even be community members as moderators, to many hands in the cookie jar, and it is subject to people acting in regards to personal vendettas. On top of a bot that isn't exclusively NQ written, to much potential for shady stuff to happen.

Link to comment
Share on other sites

1 hour ago, Tex007 said:

Yeah no, there shouldn't even be community members as moderators, to many hands in the cookie jar, and it is subject to people acting in regards to personal vendettas.

You already have community moderators on the forums :P. There is no much difference with Discord.

I'm assuming that NQ now has management rights and that they can react if they don't like moderators work (as they have being working on moderation for quite some time now, so it's not like they gave the keys to anonymous players).

 

As for the bot, I'm a bit worried about giving information to unknown players, but making the server official doesn't change anything: everyone was already doing it before and you are still free to not use it.

 

~ Merwyn

Link to comment
Share on other sites

Is everyone who isn't going to use it going to post about it? ?

 

Meanwhile, almost 500 people (a quarter of the official Discord) are using the auth system now without issue, and it is in use on several Discord servers:

 

Backer-PieChart-Sep_11_15-59-07.png 

 

 

I am pushing out some feature updates for Discord owners tonight as well. 

 

Chances are they won't roll out until the late AM central US time, so keep an eye out on Github for the changelog ? 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...