I've recently read a bunch of topics about problems with trolls and spammers creating multiple accounts via proxied connections to harass others' games. In some of these topics, email verification has been mentioned as one potential answer.
From what I could see, it seems that the attitudes to such a verification haven't been totally hostile, so I was wondering if this was something potential dev prospects could choose to pursue.
In how I thought about it, it would basically be optional. Uberserver would work as before and immediate changes to lobbyclients wouldn't be necessary. In practice, in_REGISTER would take an "email" field which, if filled, has an email sent to it. The email then contains a verification URL (I see that the Uberserver already has a http component in the form of getip.php, so there could be a verify.php?) as usual. An additional API function would need to be added for changing email - this can then be used by already registered users as well.
Uberserver itself wouldn't care if an user has an email verified or not, but Autohosts could query Uberserver for if an user is verified. Autohosts or other users would never see anyone's email, mitigating potential security concerns regarding spam and stuff.
Is this something that I could realistically work towards, or is email verification going to be outside of Uberserver's domain?
Optional email verification for Uberserver?
For the discussion of infrastructure improvements and changes.
2 posts • Page 1 of 1