In T15848#19430, @valerio.bozzolan wrote:

I would like to better understand the root problem.

Why changing the current user agent should improve the situation?

@valerio.bozzolan: thats not what Andre says. He says another area of the code uses a terrible user agent and we should change that to a better one at the same time.

I would like to better understand the root problem. I see that Cloudflare was showing a captcha to Phorge (what Phorge?). It seems it was because an user agent was missing. But aklapper said that we are already setting an user agent.

That would probably be a better User-Agent

/settings/panel/multifactor/ requires users to add a custom Name so there is likely code to adapt/reuse for /settings/panel/apitokens/

https://we.phorge.it/source/phorge/browse/master/src/applications/auth/adapter/PhutilGitHubAuthAdapter.php$57-58 uses a boring
$future->addHeader('User-Agent', __CLASS__); for this.

Thanks again :) Giving right credits

done...

Yeah, probably. I'll try to do it tonight.

Can this (I mean rPb445e1d80df9 )be backported into stable?

Heck yeah, changing phutil_nonempty_string() to phutil_nonempty_stringlike() there fixed the issue I had mentioned in a comment in T15737: Include information for installing required PHP version in Diviner docs.

PHP 8.2.14, Phorge at cc964550f945b08c64970c01a34b55314e8ef0aa

1. As an admin, check that /config/edit/user.require-real-name/ is set to Make real names optional
2. Log out of Phorge
3. Go to http://phorge.localhost/auth/register/
4. See that the Real Name field does not state Required on the right
5. Enter values into the fields Username, Password, Confirm Password, Email
6. Click the Register Account button

Reference: rPdfcccd4cb882a171d10ba8a5c2763dcc73654256

Sounds easy enough to implement.

Doc(s) on new extensions: I remember having a chapter under /book/contrib/, but I can't find it now. We should build a guide under T15030.
Short answer: create a new repo, make an src dir with all the code, and run arc liberate to create a "library" (including __phutil_library_init__.php and __phutil_library_map__.php), and then add the path of the extension to load-libraries in conf.json.

In T15708#15014, @avivey wrote:

I'd like to see this as an Extension rather then go into the rP, just because we want to have more stuff as extensions; I think this area is abstracted enough so that it can easily be made that way.

That could be a good target as well for this, Is there docs on how extensions should be made?

I'd like to see this as an Extension rather then go into the rP, just because we want to have more stuff as extensions; I think this area is abstracted enough so that it can easily be made that way.

@valerio.bozzolan & @avivey What is the best practice for setting up the role/server check when new users attempt to auth via the oauth, you can't set limits on the oauth from discords side of view so you'd need to set them up on phorge, I've put down some ideas in the above comment.

How would i go about implementing it such that for a user to sign in with discord they need to have certain roles.

Can you try changing this line in your local install?

In addition, it seems only the owner can see their stuff here.

I totally agree with these additional considerations. Thanks.

Since we already show the full (public) key when editing, then I don't see a reason not to show it after it's revoked.

It's enabled by default - https://we.phorge.it/source/phorge/browse/master/src/applications/people/config/PhabricatorUserConfigOptions.php$48