Jump to content
  • Advertisement
Sign in to follow this  
LazySumo

User Registration

This topic is 3656 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hey all, question about programing user registration. I have a game that I plan on marketing with a monthly subscription. I need to know if there is a website/forum post/etc that talks about various methods of implementing the user authentication process. The program will need some mechanisim to phone home, obviously, and then it will need to check the user's current subscription status and allow/disallow continued functions. I know that purchasing the subscription will be a seperate discussion, I just need some insite into the "Yes, you can play this month" process. Additionally, the website/backend will be a .php solution with MySQL. Thanks!

Share this post


Link to post
Share on other sites
Advertisement
I don't have any php knowledge, and only a little MySQL, but it should be a simple addition to your current log in method.

When the user logs in, simply process the login information with their password and check your database (where you will store a date that they are allowed to log in until) and check the current date is less than that date, if yes, process the log in, if no, inform the user that their subscription has expired and fail their login attempt just like they had given an incorrect password.

So in short, add a field to your database that stores the user information that is a "subscribed until" date, that date can be either the last date they are allowed access, or the date their access is terminated, whichever you prefer. Then when the user attempts to log in, the server gets its current time/date, checks against the users subscribed until date and either accepts or denies their login.

Then of course, when you set up your subscription and payment system, it just needs to increment that date within the database.

EDIT:
I think i didn't include quite enough information. The authentication process might also depend on your connection method. I personally use the following method.

User sends connection request
Server accepts connection request and sends key
User encrypts login data with key and returns it to server
Server decrypts information and check login credentials, server returns authorized or not, if the server allows the connection, it enters a state to accept further requests from the user, if not, it terminates the connection.

I hope that answers your question sufficiently.




[Edited by - nightech on June 13, 2008 6:29:05 PM]

Share this post


Link to post
Share on other sites
OK, the edit you just posted is getting a lot closer to what I need. How about this question then...

Using C# and php and MySQL. What sort of code is needed (both client side and at the webserver) to generate that conversation? I guess once I get that I can probably manage the rest of the handshaking.

Anything along those lines? Thanks.

Share this post


Link to post
Share on other sites
Quote:
Original post by LazySumo
OK, the edit you just posted is getting a lot closer to what I need. How about this question then...

Using C# and php and MySQL. What sort of code is needed (both client side and at the webserver) to generate that conversation? I guess once I get that I can probably manage the rest of the handshaking.

Anything along those lines? Thanks.


Just a word of warning... getting C# to work with MySQL requires a bit more effort than it would with SQL Server, same goes for PHP and ASP/ASP.Net. However it's not impossible so if that's the way you want to go then it shouldn't be too hard, just a bit more work.

I can't give you any proper code right now, but for matching usernames and passwords you want to start by making sure that you have unique usernames and hashed passwords, the former of which will make your life much easier when it comes to making comparisons.

Then all your code needs to do is hash the plaintext password put in on your login form and check that the hashed value equals the hashed value stored agains that particular username. Sample SQL pseudocode:


SELECT * FROM users WHERE username = 'foo' AND password = 'hashed_bar'


If the number of returned rows > 0 then you're all set. Look into a function called ExecuteNonQuery, which takes a given SQL query and returns the number of affected rows. I'm a bit rusty on all of this so I'm making no guarantees, but ExecuteNonQuery should be at least helpful if not exactly what you're looking for.

My method could be seen as a bit hackish but it works. I can make absolutely no guarantees for security though, so be careful.

Share this post


Link to post
Share on other sites
As far as C# code, i don't know much, if you're using a TCP client and TCP listener, you can check out the code for each at MSDN, it includes the C# examples.

TCPClient: http://msdn.microsoft.com/en-us/library/system.net.sockets.networkstream.aspx

TCPListener: http://msdn.microsoft.com/en-us/library/system.net.sockets.networkstream.aspx

NetworkStream: http://msdn.microsoft.com/en-us/library/system.net.sockets.networkstream.aspx

Server side: Create a TCPListener and networkstream. Just wait for an incoming connection, the connect the client. Use Networkstream to get the stream from the TCPListener, and that will be what you use to read from and write to the stream.

Client Side: Create a TCPClient and networkstream. Try to connect the TCPClient, get the networkstream and then that's communication from the client side.

If you're doing something embedded in a webpage, i'm at a complete loss i'm afraid.

the server would have a TCP listener to accept connections and perform the communication. I've only used this in VB.Net so my own experience is limited, but it is quite simple to produce a set of communications

So initially, the server must be running and have a TCP listener active.
The user then runs their software and makes a connection with the server, the server will just accept the connection.
The server sends out whatever encryption key it determines for the client.
The client encrypts their log in information and sends it to the server
The server decrypts the log in information and checks the database
If the user is able to log in, send back a confirmation, otherwise, send an error and drop the connection server side.

Each communication between the server and client occurs by reading and writing the networkstream on the TCP client/listener.
For example, after the server accepts the connection it might use
MyConnection.Write(EncryptionString)
The client would be waiting with an equivalent read operation.

Here MyConnection is the networkstream associated with the TCPListener.


Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!