Blockland Forums > General Discussion
blockStar - Hosting Administrative Services (Temporarily Locked - Page 24)
Jeep:
--- Quote from: Darkness ZXW on January 11, 2013, 06:51:43 PM ---I was there when you said something along the lines of "Don't worry, I have Jeepserver making the overlay/controlpanel."
--- End quote ---
JS was never consulted about that.
--- Quote from: Glassy on January 11, 2013, 06:36:48 PM ---What? This doesn't make much sense. If i'm correct you said you have a solid plan, which you obviously don't.
--- End quote ---
You are really really stupid.
--- Quote from: Glassy on January 11, 2013, 06:46:46 PM ---IF I was, I would have had it done by scratch. Not be using Jeep's stuff.
--- End quote ---
LOL
sh0ckthealien:
--- Quote from: Ephialtes on January 11, 2013, 05:59:59 PM ---If you make a decent service for Blockland users I'll host it for you for free myself to avoid you having to charge them at all. Like I said, there's no legitimate reason to be charging for something like this.
--- End quote ---
That's a solid offer. I would take him up on that if I were you, Jeep.
Giving back to the community at no cost to you. Everybody wins.
Jeep:
--- Quote from: sh0ckthealien on January 11, 2013, 10:48:42 PM ---That's a solid offer. I would take him up on that if I were you, Jeep.
Giving back to the community at no cost to you. Everybody wins.
--- End quote ---
I probably will end up taking him up on it.
I finished the authentication API tonight. It's actually every simple. blockStar's mod or wrapper can call this system and authenticate based on it. The server asks for a username, and a hashed password. After receiving this, blockStar's server searches the database for said user, as well as their hash. The server will reply with 1 of 4 responses:
--- Code: ---0 - User does not exist, or incorrect credentials.
1 - User exists, it not locked, and valid credentials.
2 - User account has been locked.
3 - System in Maintenance Mode.
--- End code ---
The server software authenticates in another method, which I will not disclose. Also, if someone attempted to fool the authentication, and managed to get by, they're going to get stuck as soon as they try to do something. The server won't believe that they ever authenticated, and therefore will reject any requests until it has valid proof of authentication. (which is impossible, for the record) It's a fool proof authentication system. We can thank modern ASP technology for that.
Kalphiter:
--- Quote from: Jeep on January 11, 2013, 11:29:19 PM ---The serverr software authenticates in another method, which I will not disclose. Also, if someone attempted to fool the authentication, and managed to get by, they're going to get stuck as soon as they try to do something. The server won't believe that they ever authenticated, and therefore will reject any requests until it has valid proof of authentication. (which is impossible, for the record) It's a fool proof authentication system. We can thank modern ASP technology for that.
--- End quote ---
I doubt this.
Jeep:
The authenticator verifies that all information checks out, and returns the assigned value if it does. So, say someone managed to get around that, and are now on the wrappers screen. They can't do anything:
- The server API is programmed to automatically reject any account that has been disabled, or is not authenticated. Regardless of it's function.
That goes for any data. So, when the wrapper asks the server for information, the server will refuse to answer. If the mod tries to send information, the server will ignore it. Unless that person somehow managed to edit the files on the server, they won't be able to get in.