I have just improved the Mediabot v3 Partyline login flow.
Until now, the Partyline accepted authentication with a direct command:
login <user> <password>
It worked, but it was not very elegant, and it was not ideal from a security point of view. The new behavior is now much closer to the classic Eggdrop partyline experience.
The Partyline now asks for the nickname first:
Mediabot Partyline
Please enter your nickname.
Then it asks for the password separately:
Enter your password.
The password is no longer displayed in the terminal while typing.
After a successful login, the user gets a cleaner welcome message:
Connected to Mediabot Partyline.
Hey teuk! Welcome to the Mediabot partyline.
Local time is now ...
You are authenticated as Owner.
Commands start with '.' (like '.quit' or '.help').
Everything else goes out to the partyline.
The current Partyline users are still displayed automatically after login, just like before.
The important part: Partyline passwords are no longer logged in clear text.
The code now masks password input before writing debug logs, and Telnet echo is disabled while the password is being typed.
This means that during password entry:
login <user> <password> syntax is still handled for backward compatibility, but the password is masked in logs.This makes the Mediabot Partyline feel more natural for people used to Eggdrop:
Please enter your nickname.
Enter your password.
Connected to Mediabot Partyline.
Commands still start with a dot:
.help
.whom
.console 2
.quit
Everything else continues to be sent as partyline chat.
This is not a huge feature, but it makes the bot feel cleaner, safer, and closer to the IRC bot traditions it comes from.
The Partyline is an important admin and debugging tool. It should feel comfortable to use, but it should also avoid leaking sensitive input.
This commit is a small but meaningful step in that direction.
🪄 Muffliato Partyline: hide passwords and polish the login ritual
You must be logged in to reply.