Prevent clients from creating rooms

MarkZornMarkZorn
in JavaScript
Hello - I am wondering if there is a way to setup my app such that anonymous clients, which access photon using a website and the js sdk, can join rooms, but not create new rooms, and only the "server" for my game, using a custom authentication mechanism, can create rooms.

Because of how my game is intending to function, similar to jack box games, I can't think of a way for the clients to be able use an authentication method and I want to prevent unauthenticated users from being able to essentially hijack my photon app and create their own rooms and the like.

Is such a thing possible?

Comments

  • JohnTubeJohnTube mod
    edited January 8
    Hi @MarkZorn,

    Thank you for choosing Photon!

    This is not possible using client logic only.
    The proper way to do this is via custom server plugin which are available for self-hosted (on-premises) Photon Server or private Photon Enterprise Cloud.

    There is another way to do this using webhooks but it's hacky as it was not the intended purpose:
    Webhooks were meant to allow saving and loading room state.
    So if you want to use them to block room creation here is what you need:

    Idea:

    we are going to fake new room creation as old room state loading (via JoinOrCreateRoom).
    or when we want to prevent actual new room creation we do not return a response.

    Config:
    • BaseUrl = required
    • IsPersisent = true
    • AsyncJoin (do not add, keep default or set to true) = true
    • PathCreate = set to actual value that works (valid endpoint)
    • PathDestroy = set to a value, could be not working

    Implementation:

    Client:

    - prefer JoinOrCreateRoom over Create room to create rooms.

    Web Server:

    - in PathCreate handler, if args.Type == "Create" and you don't want this room to be created DO NOT RETURN ANY RESPONSE.
    - in PathCreate handler, if args.Type == "Load" and you don't want this room to be created, return response with ResultCode != 0.
    - in PathCreate handler, if args.Type == "Create" and you want this room to be created return a default success response (ResultCode = 0).
    - in PathCreate handler, if args.Type == "Load" and you want this room to be created return a success response (ResulceCode = 0, State = {}).
Sign In or Register to comment.