Custom Authentication Auth token pass thru
Options
Hi All,
The game I'm working on performs the user login to it's own servers before connecting to the Photon Server. I have not seen it mentioned anywhere, but is there a way to bypass the authentication call in Custom Authentication and just pass in an authentication token for the user?
We are planning on using self hosted and cloud versions.
Thanks,
Matt
The game I'm working on performs the user login to it's own servers before connecting to the Photon Server. I have not seen it mentioned anywhere, but is there a way to bypass the authentication call in Custom Authentication and just pass in an authentication token for the user?
We are planning on using self hosted and cloud versions.
Thanks,
Matt
0
Comments
-
When you setup application you may setup Custom Auth Server.
Photon will just pass data to this server. But it expects defined response. You may find details in LoadBalancing project in MasterClientPeer.cs file
Check methods HandleAuthentication and OnCustomAuthenticationCallback
But before you may read this page: http://doc.exitgames.com/en/realtime/cu ... entication0 -
Thank you for the reply,
However I am asking if we can avoid the provider call and pass in the user name and authentication token directly.
I do have an authentication service that I could throw in as a provider, but it won't work with the current model. For passwords, I am hashing and using a random salt. The method used requires the hash/randomsalt to be returned for a user to deconstruct it in a certain way and then hash the candidate password the same way to verify. The current system would not allow me to do that. I would have to hash the password and pass it to my authentication provider, then compare in the system not using random salts. I will not pass the password up in clear text even using SSL which I am.
So if the answer is that I cannot use random salts with this method or someone has a solution for that, or if there is a way to bypass the provider call, that is what I want to know.
Thanks,
Matt0 -
well, i think you will get what you want if you will not specify any auth provider for your app. and when you will send auth request to server you need to specfiy AppId, AppVersion, UserId. Other parameters should be 0 or null0
-
Hi Matt,
I think what you are looking for is a feature we haven't documented publicly since its rather new - we allow to return{ "ResultCode": 0, "Data": { "key1": "abc", "key2": 123 } }
Where Data is expected to be a json object - that will be auto transformed into a dict<string,object> and returned back to your client.
Which you could use to send back the hash/randomsalt.
-Philip0 -
Thank you all for the replies. I'll work with the suggestions and see what I can come up with. I'll post up what I did later.
Thanks again,
Matt0