Hi, I'm working on an app that I need to write player account support for. I've created "profiles" and "high-scores" databases on Cloudant and I'm planning to use the HTTP API to work with the database from my code. I've generated an API key for the database with the permissions I'll need the program to have. I'm going to create a document for each user profile. How should I handle users? If I just had a username and password field stored in the database then it wouldn't be secure since the password would be sent along with the HTTP request. Is there a way to run code on the server? Like a script that will only return the profile's data if the password sent to it matches the user's password? Obviously I would use HTTPs instead of HTTP when sending the data.
EDIT
I found out I can create accounts through the HTTP API should I have the "everyone else" permissions set to allow read and write so that I just use the HTTP API to log the user in and start accessing files? Or are users of the database meant to be something else? If I understand correctly accounts can only be created by admins, so then I would use the API key that I generated to create accounts and upload high scores.
CouchDB for player accounts
You want to hash the salted user password, so when the user sebds his pass, you salt and hash it, and compare against the one in the database. This way you dont store the actual password so hacking your database isnt going to reveal everyones pass to the hacker.
Maybe even do the same on the username so the haxors cant figure out which hashed pass belongs to which user.
Maybe even do the same on the username so the haxors cant figure out which hashed pass belongs to which user.
Author
So do I do that on the C++ side and then send the hashed username and password? How do I unhash it on the server?
So do I do that on the C++ side and then send the hashed username and password? How do I unhash it on the server?
Yes and you don't. You store and compare hashes.
When it comes to user/password storage:
Actually, you typically do NOT send the hashed password from the client -- that just turns the hash into the "new" clear-text password.
You send the password from the client, and hash it on the server, and compare to the hash in the database.
You typically want to use a salt that comes from some hard-to-discover source, to protect against rainbow table attacks.
You typically also want to use a purposefully slow hash function, like bcrypt, to protect against brute force attacks.
However, it sounds like you're using a particular API from a particular service provider. You should do whatever makes sense within that context.
It's likely that their "users" already do the password storage and authentication.
Typically, the server process itself will use a "low level identity" for connecting to the database, and your users will be "high level identities" within your application. No matter which "high-level identity" talks to the server, the server itself runs with a particular identity, and that's what's used to talk to the database.
Depending on what your particular service provider and API implements, they may also implement "high-level identity" support for ACLs and read/write permissions. The right decision for data structure and security comes from your understanding the use case, the threat model, and the available tools. There is no one "true" answer.
That being said: If I, as a user, can connect and say "here's a new highscore table file" then you should be prepared for users uploading... "creatively enhanced" files.
Actually, you typically do NOT send the hashed password from the client -- that just turns the hash into the "new" clear-text password.
You send the password from the client, and hash it on the server, and compare to the hash in the database.
You typically want to use a salt that comes from some hard-to-discover source, to protect against rainbow table attacks.
You typically also want to use a purposefully slow hash function, like bcrypt, to protect against brute force attacks.
However, it sounds like you're using a particular API from a particular service provider. You should do whatever makes sense within that context.
It's likely that their "users" already do the password storage and authentication.
Typically, the server process itself will use a "low level identity" for connecting to the database, and your users will be "high level identities" within your application. No matter which "high-level identity" talks to the server, the server itself runs with a particular identity, and that's what's used to talk to the database.
Depending on what your particular service provider and API implements, they may also implement "high-level identity" support for ACLs and read/write permissions. The right decision for data structure and security comes from your understanding the use case, the threat model, and the available tools. There is no one "true" answer.
That being said: If I, as a user, can connect and say "here's a new highscore table file" then you should be prepared for users uploading... "creatively enhanced" files.
Author
Thanks for the advice. I found an entire book online about CouchDB, so I think I'll read through that to figure out how to pull of your suggestions.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
