Spring.GetPlayerInfo: customPlayerKeys setup

Spring.GetPlayerInfo: customPlayerKeys setup

Discuss game development here, from a distinct game project to an accessible third-party mutator, down to the interaction and design of individual units if you like.

Moderator: Moderators

Post Reply
sunspot
Posts: 104
Joined: 09 Jun 2011, 12:17

Spring.GetPlayerInfo: customPlayerKeys setup

Post by sunspot »

I've been looking at the LUA Spring API and came across an old familiar that I'm going to need a lot. At a certain point in time I will need to supply some kind of hashkey to a player for a secure REST call to a webapi. I was wondering about several sollutions I could try. But then I saw the customPlayerKeys return value. If it does what I think it does aka add metadata to a player, then I could use that to put the hashkey in. Now my question is , how does that customPlayerKeys table get filled ? I suppose a lobby client needs to fill it when the game launches ?

for reference:

Code: Select all

Spring.GetPlayerInfo( number playerID ) -> 
   nil | string  "name", 
         boolean active,
         boolean spectator,
         number  teamID,
         number  allyTeamID,
         number  pingTime,
         number  cpuUsage,
         string  country,
         number  rank
         table   customPlayerKeys
User avatar
jK
Spring Developer
Posts: 2299
Joined: 28 Jun 2007, 07:30

Re: Spring.GetPlayerInfo: customPlayerKeys setup

Post by jK »

its content is read from the lobby created script.txt
sunspot
Posts: 104
Joined: 09 Jun 2011, 12:17

Re: Spring.GetPlayerInfo: customPlayerKeys setup

Post by sunspot »

jK wrote:its content is read from the lobby created script.txt
ow damn, thats just plain text then, that everyone can read. Thats not an ideal scenario for what I had in mind.

I had hoped to do something like

Code: Select all

http://gamedomain:80/rest/army?supersecrethash=(hashvalue)
for each player , to get all the units that player has to it's disposal. But if all those hashes would be plain text in the script.txt, it wouldn't be that supersecret anymore ...

Well not that this was a foolproof system anyhow, but still better a tiny bit of security in REST calls then none. In a pure java environment I would base64 encode username+password and use Spring(Java framework Spring not SpringRTS) security to decode on serverside.
Post Reply

Return to “Game Development”