THREAD: Server-sided auth code using keys (Elite or custom licensing)
  1. 01-25-2016, 03:22 AM
    Tustin's Avatar
    Tustin
    Balls of Steel
    Tustin's Avatar
    Tustin
    Balls of Steel
    5,462
    Posts
    310,646
    Reputation
    May 2008
    NextGenUpdate
    Sup?

    I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

    Prerequisites:

    • A server
    • A web server installed (nginx, apache2, it doesn't matter)
    • MySQL installed
    • PHP installed
    • Root login info for MySQL


    How to setup:

    1. Download zip and extract contents to a location on your PC
    2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
    3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
    4. Save file, and upload all the files to a directory on your server.
    5. Go to the directory in your browser and load the setup.php script first.
    6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
    7. DELETE setup.php from your server
    8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
    9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
    10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


    It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

    You must login or register to view this content.

    Enjoy and let me know if you have any issues or just need help with it.
  2. The Following 27 Users Say Thank You to Tustin For This Useful Post:

    , , , , , , , , , , , , , , , , , , , , , , ,

  3. 02-23-2016, 06:21 PM
    n/a
    Posts
    n/a
    Reputation
    Once upon a time...
    NextGenUpdate
    can some one set it up for me please
  4. 02-23-2016, 07:31 PM
    Octolus's Avatar
    Octolus
    I defeated!
    Octolus's Avatar
    Octolus
    I defeated!
    617
    Posts
    41,844
    Reputation
    Jul 2011
    NextGenUpdate
    Originally Posted by JB View Post
    That's all good then. Leaked root MySQL credentials are ingredients for a nightmare!


    Tell me about it lmao..
  5. The Following User Thanked Octolus For This Useful Post:


  6. 02-24-2016, 09:18 PM
    n/a
    Posts
    n/a
    Reputation
    Once upon a time...
    NextGenUpdate
    what hosting will let me set it up please put it on here and the link
  7. 03-17-2016, 09:42 PM
    Tustin's Avatar
    Tustin
    Balls of Steel
    Tustin's Avatar
    Tustin
    Balls of Steel
    5,462
    Posts
    310,646
    Reputation
    May 2008
    NextGenUpdate
    I updated the auth a bit and setup a repo on Github with the code. Feel free to fork it and make changes to it if you want. You must login or register to view this content.

    I made a new file called ngu-auth.php which uses the NGU Elite key auth. The auth.php file is now for your own custom keys because a lot of people were asking how to set that up. I'll make two releases soon on the repo so you can just download the files for whatever auth you want to use.
  8. 03-18-2016, 11:58 PM
    19
    Posts
    10
    Reputation
    Feb 2016
    NextGenUpdate
    Hey Tustin Will You Help Me Set it up because i am running into erros While doing it I Am Using Godaddy Hosting
  9. 04-06-2016, 10:40 AM
    Passion's Avatar
    Passion
    League Champion
    Passion's Avatar
    Passion
    League Champion
    1,750
    Posts
    33,151
    Reputation
    Apr 2015
    NextGenUpdate
    Originally Posted by Tustin View Post
    Sup?

    I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

    Prerequisites:

    • A server
    • A web server installed (nginx, apache2, it doesn't matter)
    • MySQL installed
    • PHP installed
    • Root login info for MySQL


    How to setup:

    1. Download zip and extract contents to a location on your PC
    2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
    3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
    4. Save file, and upload all the files to a directory on your server.
    5. Go to the directory in your browser and load the setup.php script first.
    6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
    7. DELETE setup.php from your server
    8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
    9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
    10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


    It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

    You must login or register to view this content.

    Enjoy and let me know if you have any issues or just need help with it.


    I've been trying to use this for my SPRX so when it displays 'Some useful information.' It returns true, but it doesn't work. It doesn't log the ip-date-key in the 'log' table either
  10. 04-22-2016, 10:22 AM
    Danny's Avatar
    Danny
    Hurah!
    Danny's Avatar
    Danny
    Hurah!
    660
    Posts
    4,103
    Reputation
    Jul 2012
    NextGenUpdate
    Originally Posted by Tustin View Post
    Sup?

    I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

    Prerequisites:

    • A server
    • A web server installed (nginx, apache2, it doesn't matter)
    • MySQL installed
    • PHP installed
    • Root login info for MySQL


    How to setup:

    1. Download zip and extract contents to a location on your PC
    2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
    3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
    4. Save file, and upload all the files to a directory on your server.
    5. Go to the directory in your browser and load the setup.php script first.
    6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
    7. DELETE setup.php from your server
    8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
    9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
    10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


    It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

    You must login or register to view this content.

    Enjoy and let me know if you have any issues or just need help with it.


    Sup? Thanks for this
  11. 07-21-2016, 04:20 AM
    itsSorrow's Avatar
    itsSorrow
    In my man cave
    itsSorrow's Avatar
    itsSorrow
    In my man cave
    3,533
    Posts
    8,883
    Reputation
    Dec 2012
    NextGenUpdate
    Whenever I go to test it doesn't display anything. I set this all up like I should of but it doesn't display anything. Any help?
  12. 08-01-2016, 11:01 PM
    matrixmods's Avatar
    matrixmods
    Pokemon Trainer
    matrixmods's Avatar
    matrixmods
    Pokemon Trainer
    92
    Posts
    334
    Reputation
    May 2012
    NextGenUpdate
    Originally Posted by Tustin View Post
    Sup?

    I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

    Prerequisites:

    • A server
    • A web server installed (nginx, apache2, it doesn't matter)
    • MySQL installed
    • PHP installed
    • Root login info for MySQL


    How to setup:

    1. Download zip and extract contents to a location on your PC
    2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
    3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
    4. Save file, and upload all the files to a directory on your server.
    5. Go to the directory in your browser and load the setup.php script first.
    6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
    7. DELETE setup.php from your server
    8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
    9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
    10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


    It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

    You must login or register to view this content.

    Enjoy and let me know if you have any issues or just need help with it.


    So i have this completely setup a long with the Socket Request stuff out of my sprx, but when i try to check a key to auth.php it just returns "Forbidden, you do not have access to auth.php on this server"