Export Question

BYOND Forums

Announcements · BYOND Help · Bug Reports · Feature Requests · Beta Testers · Beta Bugs · Developer Help · Design Philosophy · Demos & Libraries · Tutorials & Snippets · Art & Sound · Classified Ads · Game Updates · Contests & Events · Linux Talk · On Topic · Off Topic

Export Question

ID:2114831

Jul 11 2016, 10:40 pm

(See the best response by MrStonedOne.)

Lavenblade

There is a hashed password and salt stored in a database.

I want users to be able to login with their account in that same database.

However, I also want to keep the salt a secret server side.

Is it safe to use world.Export to send the username/password over ssl(once implemented) to have it hashed server side via php? Then checked to ensure the login credentials match and then return a value via echo that is read by world.Export? Any security risks with this approach?

I want the salt to stay secret, so getting the salt via dantom.db and hashing client side isn't an option.

Example:

https://www.yourwebsite.com/scripts/account_auth.php?account_name=yourusername&account_password=yourpassword

PHP Code would run behind the scenes. Grabbing the salt for the user and then hashing their password server side with php. Afterwards, being compared to the hash stored in the database for that user. If they match, echo a response code. If not, echo an error response code.

In DM it would look something like this:

var/login_auth[] = world.Export("https://www.yourwebsite.com/scripts/account_auth.php?account_name=[account_name]&account_password=[account_password]")

Then you'd check the response code via the login_auth list.

Jul 11 2016, 10:57 pm
Nadrew	You'd probably be better off encrypting what you send to the server, SSL support or not.

Jul 12 2016, 1:49 am (Edited on Jul 13 2016, 3:34 am)

Best response

MrStonedOne

Once ssl is implemented, it would be safe, but that would depend on how many controls byond gives you over ssl security. If byond allows invalid certs, then it's still insecure against an active mitm attack (but secure against a passive mitm).

If byond checks the valid signers list and domain cn (things curl should do unless told not to) then it would be safe and secure.

edit: a better option for now (and in general) is to just run the login screen in a browse() window using https. IE for all its flaws isn't to bad in this regard.

Should also make it show the address bar so that clients can't get phished by fake servers pretending to be your game.

Then you can use a one of the many php versions of world.export you'll find on the forums to send a response back to the server with a token that is only valid for a minute and only usable once, then confirm that via world.export(). This way clients know they are talking to your site, and not an imposter, and you don't have to care about ssl or not as the attack window is too low and only yields a one time use token, not the user's password.

Jul 12 2016, 3:08 am
Lavenblade	Oh, that sounds like a good idea. Thanks for the input. I have a copy of that PHP function already that I found years ago. Extremely useful.