[Freeciv-Dev] Auth and gamelog reporting rewrite
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
I think the current setup is unnecesarily complicated and bug-prone.
Instead, I suggest the following architecture:
New server command - /authdb HOST USER PASSWORD - to be run by
pubservers as they launch new games.
All authentication is done directly against this mysql database. The
authentication-by-plaintext-file code is removed, since it is unlikely
anyone would ever want to use it (and nobody has so far AFAIK). We can
offer other pubserver operators that we trust to use our mysql server for
authentication and ranking. This way we can spread the server load while
centralizing the ranking and userbase.
Furthermore, I would like to add all relevant gamelog messages directly
into the mysql database, and not bother with outputting it to the xml
file. This extra xml step is not, AFAICT, necessary.
I do not see the big deal in using md5 to store passwords, as is currently
done on pubserver. I would rather have the possibility to send players
their passwords on request by email. For security purposes, sending
passwords in cleartext over the network is the threat.
My pubserver rewrite-in-progress is (and will be further) documented at
http://www.freeciv.org/index.php/Publite
- Per
- [Freeciv-Dev] Auth and gamelog reporting rewrite,
Per Inge Mathisen <=
|
|