Jump to content
Alexoune001

Small request

Recommended Posts

 

Hello,

 

I turn to you after having done so and trying to test a recording system via my website (for the moment local test).

 

I know the API system is available, but I don't like and have never really managed to use API systems.

 

I checked in your documentation to encrypt the password and the Salt. However, it fits well in the user table, I manage to connect to the website (always test locally), but I cannot connect via the test account, on the client.exe.

 

So I would like to know if you could help me a little more, give me a sample code to encrypt the password AND the salt so that I can try to make my registration system.

 

I specify that it has been 2-3 days that I am trying to find a small solution (in PHP) to try to encrypt its correctly, I have the basis of the code, but I do not know if it is really good, knowing that it works well via the website but not the client.exe (I'm talking about the connection with the account I created via register.php).

 

<?php		
$id = gen_uuid();
$username = $_POST['Name'];
		
$pass = hash('sha256', $_POST['Password']);
$password = mb_strtoupper($pass, 'UTF-8');

$salt = bin2hex(random_bytes(64));
$salt_mdp = hash('sha256', $pass.$salt);
$salt_finish = strtoupper($salt_mdp, 'UTF-8');
?>

Thank you in advance if you can take me on the right track.

 

(Sorry for the translation, I don't speak English and sorry if it's not in the right section, I didn't really know where to put my message)

Share this post


Link to post
Share on other sites

I'd really not recommend doing this manually, and figure out a way to use the API really.

 

But if you insist to do it te hard way you could copy the registration system the client uses and look at what that does to make the password and save it. Just bear in mind that if you use SQLite you might cause some weird issues with the databases not saving or loading properly messing with it in two programs.

Share this post


Link to post
Share on other sites

I use MySQL for the user database so that I can better manage this with PHP;) I was very comfortable with PHP earlier, and that is why I prefer not to use the API, especially since I tried to set up, but it is not really done for me i think lol

Share this post


Link to post
Share on other sites

If you're comfortable with PHP the API should really not be an issue. It's nothing but some HTTP calls.

 

If HTTP Sessions and headers are too much for you, I would really not trust your homegrown account system with my information.

Share this post


Link to post
Share on other sites

If you change the user DB while the server is running you are very very likely to lose data and experience player rollbacks.

 

This is because the server retains DB info at all times and when saving if the DB has changed the server will panic and crash. 

 

 

That means that you can't add users via PHP. It's API or bust, it's literally why we made the API. 

Share this post


Link to post
Share on other sites

If you are very comfortable with php, then you really should be doing the registration through the API, I don't think messing with the database while the game is running is a good idea.

Share this post


Link to post
Share on other sites

 

Ah okay, thanks for your reply jc snider.

To answer other people: Yes I am comfortable in PHP.

It's just that I never really understood how the API works, even when reading the documentation.

Well if not, don't worry, I will try to read the documentation again and try to do something correct locally.

Thank you for your answers !

Share this post


Link to post
Share on other sites

example code for registration:

function APIcall_GET($server,$access_token,$calltype,$postData){
	// Setup cURL
	$ch = curl_init('http://'.$server.$calltype);
	curl_setopt_array($ch, array(
		CURLOPT_HTTPGET => TRUE,
		CURLOPT_RETURNTRANSFER => TRUE,
		CURLOPT_HTTPHEADER => array(
			'authorization: Bearer '.$access_token,
			'Content-Type: application/json'
		),
		CURLOPT_POSTFIELDS => json_encode($postData)
	));

	// Send the request
	$response = curl_exec($ch);

	// Check for errors
	if($response === FALSE){
		die(curl_error($ch));
	}

	// Decode the response
	$responseData = json_decode($response, TRUE);
	return $responseData;
}
$passwordhash = hash('sha256', $password);
$postData = array(
	'username' => $username,
	'password' => $passwordhash,
	'email' =>  $email
	);
$access_token = $login['access_token'];
$calltype  = '/api/v1/users/register';

$register = APIcall_GET($server,$access_token,$calltype,$postData);

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...