Inside3D!
     

Account System for the Quake Engine

 
Post new topic   Reply to topic    Inside3d Forums Forum Index -> Engine Programming
View previous topic :: View next topic  
Author Message
Team Xlink



Joined: 25 Jun 2009
Posts: 320

PostPosted: Tue Oct 06, 2009 9:42 pm    Post subject: Account System for the Quake Engine Reply with quote

Solved
_________________
Anonymous wrote:
if it works, it works. if it doesn't, HAHAHA!


Last edited by Team Xlink on Tue Nov 17, 2009 2:18 am; edited 1 time in total
Back to top
View user's profile Send private message
Irritant



Joined: 19 May 2008
Posts: 115
Location: Maryland

PostPosted: Wed Oct 07, 2009 2:36 am    Post subject: Reply with quote

I believe Jitspoe has done something like this for Paintball2.
_________________
http://red.planetarena.org - Alien Arena
Back to top
View user's profile Send private message Visit poster's website
Downsider



Joined: 16 Sep 2008
Posts: 478

PostPosted: Wed Oct 07, 2009 3:05 am    Post subject: Reply with quote

You'd need to write a master server/list server proggy up.
Back to top
View user's profile Send private message
jitspoe



Joined: 17 Jan 2005
Posts: 2

PostPosted: Wed Oct 07, 2009 4:11 am    Post subject: Re: Account System for the Quake Engine Reply with quote

I did make a login system for Paintball2. If I had the opportunity to go back and do it all over again, I probably wouldn't. More work than it's worth, in my opinion. Here are the basics of what I did:

The login server has a (mySQL) database with login ID's, password hashes, random numbers, names, and a bunch of other crap that isn't really necessary for other projects. A client will first contact the login server directly, passing a name. The login server will respond... actually, let me see if I can diagram the process out...

password on login server stored as md5(password + login id)

client -> login server: name
login server -> client: login ID number, random number (note: server saves random number in DB for later)
client -> login server: md5(md5(password + login ID) + random number)
login server -> client: md5(stored password hash + random number) == client response? pass : fail

client then connects to a game server
client -> game server: name (already done)
game server -> login server: name, unique id
(note: unique ID is basically just a random number the game server generates, so when the login server responds, we know what client it belongs to)
login server -> game server: unique id, login ID, random number
game server -> client: random number
(note: game server has a timeout for this and will try like 3 times before booting a client for not responding)
client -> game server: md5(md5(password + login ID) + random number)
game server -> login server: client response, unique id
login server -> game server: unique id, client response == md5(stored password hash + random number)? pass : fail
game server: kick client if failed

It's a bit unnecessarily complicated / overkill, but I wanted to make a system that pretty much made it impossible for anybody to get a password, since it isn't stored or transmitted anywhere.

I'd share, but the whole thing is a bit of a mess. It was basically my first project with PHP/mySQL. Initially, I was using HTTP, but that had issues with freezing if the server didn't respond fast enough (or dealing with multithreading), and lots of people had weird proxy/firewall/router settings that would let them connect to servers via UDP, but they had crazy secure tunnels with special javascript browser crap for HTTP, so I eventually just made a login server in C that listened for UDP packets, converted them to HTTP and sent them to a local web server for my old PHP code to parse since I didn't feel like rewriting it all. Some of the slower stuff I've rewritten in C, but the whole thing is a bit of a mess right now.

http://www.dplogin.com if you want to check it out.
_________________
Digital Paint Paintball2
jitspoe's joint
Back to top
View user's profile Send private message
r00k



Joined: 13 Nov 2004
Posts: 483

PostPosted: Wed Oct 07, 2009 11:10 am    Post subject: Reply with quote

Hmm couldnt you do this easily with a quakeC frontend and interface to something like frikfile? Reminds me of the old BBS style console login.
Actually Quake servers are becoming idle maybe a quakeC BBS would be fun to make Wink
Back to top
View user's profile Send private message
Team Xlink



Joined: 25 Jun 2009
Posts: 320

PostPosted: Wed Oct 07, 2009 8:44 pm    Post subject: Reply with quote

Well, then what if I hard coded names into the engine?

For Solitude, I want to prevent people that try to be a dev, but they aren't.

So it wouldn't be that big of a deal if they weren't changeable without a new engine release.

So, what if I skipped the whole network thing and hard coded them?
_________________
Anonymous wrote:
if it works, it works. if it doesn't, HAHAHA!
Back to top
View user's profile Send private message
ceriux



Joined: 06 Sep 2008
Posts: 969
Location: Florida, USA

PostPosted: Wed Oct 07, 2009 9:33 pm    Post subject: Reply with quote

why not just add in a dev cvar or something? and make it secretive? like idk...

imadevurnotlol 1

if its 1 developer stuff on

if its 0 developer stuff off

or are you trying to keep people who arnt devs from even accessing the game?

hmm what i'd do is through qc. like they were mentioning only id do it a little easyier id make an impulse that starts off and dont alias it while its off the player is constantly killed or cant move or do anything maybe it changemap to a black empty box? when the impulse number is put in the console they're aloud to move or it changes map to what ever you want? idk i think the not move thing would be easyier.
_________________
QuakeDB - Quake ModDB Group
Back to top
View user's profile Send private message Yahoo Messenger
Spike



Joined: 05 Nov 2004
Posts: 944
Location: UK

PostPosted: Wed Oct 07, 2009 9:50 pm    Post subject: Reply with quote

QuakeWorld has an rcon protocol, separate from the regular connection protocol.
For actual connections, it also has a password cvar which is sent to the server.
If its a dev thing, you hardly a log in screen.

cmd givemeauthffs

Then add the command in on the server, and leave the client as-is.
_________________
What's a signature?
Back to top
View user's profile Send private message Visit poster's website
Team Xlink



Joined: 25 Jun 2009
Posts: 320

PostPosted: Wed Oct 07, 2009 9:53 pm    Post subject: Reply with quote

Well, my goal is:

To have some way of knowing the player is a dev.

Which would give them privileges like a moderator has on a website forum they can do things others can't.

So the easy way would be to do it like if the name of the player is Team Xlink then #define DevMode else #define NormalMode

There is a problem with it tho, anyone could change there name to mine and then have the DevMode.

So the password system would help prevent that.
_________________
Anonymous wrote:
if it works, it works. if it doesn't, HAHAHA!
Back to top
View user's profile Send private message
Spike



Joined: 05 Nov 2004
Posts: 944
Location: UK

PostPosted: Wed Oct 07, 2009 10:37 pm    Post subject: Reply with quote

KRIMZON_SV_PARSECLIENTCOMMAND is your friend.
_________________
What's a signature?
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Inside3d Forums Forum Index -> Engine Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2004 phpBB Group