External Login (No PHP)

  • Hey all,


    I searched through the forum and found a lot of similar threads, but all were taking care of logins written in PHP/HTML where just the github loginHelper was imported.

    I want to use the login details to use them to login into a game account, so I want to know if there is something like a RESTful Service behind that or if there is some plugin available I did not find cause I am maybe to dumb to find good keywords for my issue. So some API kind of thing would help a lot too.


    I would need to check the following:

    • POST username and pass => returns a value that represents correctness
    • GET id of user? so I can
    • GET if the user is in an specific group or the groupID > (non-whitelist)-ID


    I want to implement this into JS (JS only, no HTML,CEF etc if possible), so creating webrequest would be my favourity way to go, since this would happen serverside. If I would use CEF this would be clientside but I do not want to save any of these API data clientside or make it manipulatable.


    Cheers.

  • No.

    there is some possibility doing it with WCF or whatever its called but only with php? I saw you writing in different threads regarding that as I searched through the forum. Could you give me an link to an entry point to read what and how and where to do such things?

  • I'm afraid most of the useful threads are in German if I remember correctly (possible search parameters are externer login externe registrierung) , so I might just give you an example and try to explain a little bit:


    You can find all the sources of WCF 2.1 (since you posted in this section) oin GitHub: https://github.com/WoltLab/WCF/tree/2.1.24/

    I added links to the used classes wihtin the code, you might want to check them in case to implement more queries.


    If you send a POST-request against api.php?action=getGroupIDs and send the following parameter as POST:

    Code
    username

    you'll get an array of integers containing the user's group ids. (I implemented it this way because it might be more flexible to use instead of checking a single id).


    If you send a POST-request against api.php?action=checkCredentials and send the following parameter as POST:

    Code
    username
    password

    you'll get whether the user exists and it's id. Keep in mind that the clear type password is used, so don't do this without encryption.

    We could check the hashed password in the database, but I'm pretty sure your requesting software doesn't own the hashed version, am I right?


    Is it helpful; do you have further questions?

    Btw. I didn't test the script. Don't wonder if it behaves strange; don't hastitate to ask then. ;)

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!