Account ID''s and the "name" file

Mon Sep 12, 2005 6:23 am by Accushot

I'm working on a client-server program that needs to send MP player details from the server to a client when requested. The main problem I'm facing is that of authentication. I need to make sure the client can only request data on their own characters, so ideally I need a way to validate the account ID server-side and only return player files that match this ID.

As far as I know, the file called "name" in the player directory contains the account ID, but it is encrypted. I've searched TLR as far as possible and haven't found an answer; does anyone here know the encryption method used to store this information? If not, I'm open to suggestions on other methods of authenticating the user...

Mon Sep 12, 2005 7:13 am by Cold_Void

its some product of both the client & server's id #s i guess,perhaps related to accounts.cfg

Mon Sep 12, 2005 7:29 am by -Trail-

no, uhmm you check their player name against the decoded name in their player file, that should work

Mon Sep 12, 2005 8:14 am by Chips

Joe Boomz? www.ioncross.com - he maybe able to help fairly quickly if he is still active.

Mon Sep 12, 2005 11:06 am by Accushot

I'll try and get on to Joe Boomz, but I don't think this was ever needed or implemented in Ioncross.

@Trail, it's nothing to do with the player name. The name in the player file is the name you choose on the "Create Character" screen; I'm trying to determine the Account ID itself. Otherwise, players could just enter the name of someone elses character and there would be no way of knowing if it was their character or not.

Mon Sep 12, 2005 1:47 pm by -Trail-

grab it from the registry on clients side, that way teh player would need to know another persons ID to gain access, you couls also use IP matching just to be on the safe side.

Mon Sep 12, 2005 2:52 pm by Accushot

That's the problem - I can grab it from the client-side registry, but then how to use that ID server-side to get the required player files? The account ID is not stored in the server files at all, except for the "name" file in every player directory. The problem is decrypting this file.

Thanks for the input so far.

Mon Sep 12, 2005 10:12 pm by -Trail-

hmmm, ill see if i can find any matches wirh my server files and my client files...

hmm mabe its too early or have i simply lost my registry knowlage... oh no there it is

ok... i see, and no program will open the name file. ok ill think about it, its too early atm ^^

Wed Sep 14, 2005 10:14 am by -Trail-

what about creating an encoded file with their username in it, encded (MD5?) and save it to their FL dir and then it would check it off against your MD5 of their name, or MD5 of somethin else as creating MD5's aint hard, ehmm it could use a custom encoding then and it would check it against your file, like they would enter "napalm" and it would look at their file, check the code, somehting like 5e1x2046he1 or something then if your file called "napalm.txt" contains the line 5e1x2046he1 it would allow further connection, If not it would not allow connection.
That way if they dont have encoded name or spell the username incorectly they would not be able to connect, and for extra protection the username would require a pass that would only be stored in the napalm.txt file on server side, say pass was "freelanc3r" then it would check that there is a file called napalm.txt, it would then check the encoded randomness, then it would finally check they entered the correct password then they can continue, there would be custom errors like incorrect hash, incorrect pass, username does not exist on server, please create a new account or check spelling lalala.

I think i wuld be able to do that myself in a month or so of Perl learning.

Help?

Important Message

You are browsing the archived Lancers Reactor forums. You cannot register or login.
The content may be outdated and links may not be functional.

To get the latest in Freelancer news, mods, modding and downloads, go to
The-Starport