[web] Cross site authentication for social networking

Started by
12 comments, last by Sander 16 years, 1 month ago
Quote:Original post by Sander
That's feasible, but it requires changes/additions to site 2 which you don't own.

It's obviously technically possible (and not even that difficult), but I don't know what site 2 is prepared to do to make this easier. [smile]
Quote:Original post by Kylotan
I'm not really asking how to do a specific thing, just wondering if there are ways I hadn't thought of. I'm also interested in what Site 2's API for authenticating a user to another site could be - if it involved you entering your Site 2 username and password into Site 1 then I can see that being unacceptable for many users.

To get this straight: say I'm visiting your website (site 1), do you need to be able to identify me (and only me) as WanMaster on GameDev? Or do you only need to be able to find out if a certain user name (WanMaster, Sander, Sneftel etc.) exists over at GameDev?
I would need to verify that you are the owner/controller of the Wanmaster account on Gamedev.net, in order to make a semantic link between the 2 sites for that user. I appreciate that how you'd do this would vary between sites, because of the different amounts of control that a user has over his section of a site.
Other than having the user add something on their page/profile (head tag, blog post etc.), I can think of one possible system but it will make things very complex and inflexible.

I'll use GameDev (site 2) and your hypothetical web site (site 1) again. If you have an account at GameDev, you could ask me to send you a PM with some random code you provide me with on your site. Your site's web server could then log in to your GameDev account, go to the PM inbox page, search for the message and verify the code. Technically it's not impossible but it isn't exactly straightforward either. And it will require you to have an account and special interpreter for each third party web site, so it doesn't scale well. And every site needs to have some sort of one-to-one communication (private messages, friends list etc).

Oh well, just brainstorming... :)
Quote:Original post by Kylotan
I'm not really asking how to do a specific thing, just wondering if there are ways I hadn't thought of. I'm also interested in what Site 2's API for authenticating a user to another site could be - if it involved you entering your Site 2 username and password into Site 1 then I can see that being unacceptable for many users.


There are a lot of so-called "web 2.0" sites that do exactly that in order to work together with other social network sites. Usually it's just for one-time information copying so you could tell users that it's a one-time thing only and that they should change their password on site 2 after you're done.

But there are a lot of other possibilities. Think of it more as a site-specific OpenID-like construct. You could put a form (username only) or link on site 1 that takes you to a login page on site 2. After successful authentication on site 2, the user is redirected to a page on site 1. Something like:

    <form method="post" action="http://site2.com/remote-authentication.html">
        <input type="hidden" name="on-success" value="http://site1.com/success" />
        <input type="hidden" name="on-failure" value="http://site1.com/error" />
        <input type="text" name="site2-username" value="" />
    </form>


It would need some extra protection so that users can't simply read the page source and browse to http://site1.com/success directly, but it's simple and it works. From there on you could make it as complex as you want. But all these systems require cooperation of site 2 for the specific purpose of remote authentication.

Sander Marechal [Lone Wolves] [Hearts for GNOME] [E-mail] [Forum FAQ]
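
Added example, not part of the original thread and not code from either site: one way to provide the "extra protection" mentioned above is for site 2 to sign the redirect back to site 1 with an HMAC over the username, a one-time nonce issued by site 1, and a timestamp. The shared secret, the extra hidden `nonce` form field, and the query parameter names `user`, `nonce`, `ts` and `sig` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: a secret both sites agreed on out of band (constructed value).
SHARED_SECRET = b"constructed-demo-secret"
MAX_AGE = 300  # assumed policy: seconds a signed redirect stays valid


def _mac(user, nonce, ts):
    msg = "\n".join([user, nonce, str(ts)]).encode()
    return hmac.new(SHARED_SECRET, msg, hashlib.sha256).hexdigest()


def site1_start(session):
    """Site 1: issue a one-time nonce, sent to site 2 as a hidden form field."""
    session["nonce"] = secrets.token_urlsafe(16)
    return session["nonce"]


def site2_redirect(user, nonce, now=None):
    """Site 2: after a successful login, build the signed on-success URL."""
    ts = int(time.time() if now is None else now)
    query = urlencode({"user": user, "nonce": nonce, "ts": ts, "sig": _mac(user, nonce, ts)})
    return "http://site1.com/success?" + query


def site1_verify(url, session, now=None):
    """Site 1: return the verified site 2 username, or None."""
    expected = session.pop("nonce", None)  # single use, so a replayed URL fails
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    try:
        user, nonce, ts, sig = q["user"], q["nonce"], int(q["ts"]), q["sig"]
    except (KeyError, ValueError):
        return None  # plain visit to /success carries no signed fields
    now = time.time() if now is None else now
    if expected is None or not hmac.compare_digest(nonce.encode(), expected.encode()):
        return None  # nonce was not issued to this browser session
    if abs(now - ts) > MAX_AGE:
        return None  # stale redirect
    if not hmac.compare_digest(sig.encode(), _mac(user, nonce, ts).encode()):
        return None  # fields were altered or not produced by site 2
    return user
```

Binding the signature to a nonce held in the visitor's site 1 session means a signed URL obtained by one person cannot be handed to another browser to claim the same site 2 account.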
