From: <si...@mu...> - 2013-10-30 21:08:10
|
> Hi Simon, > > OK. > > Another question for you and Madbad, with system ID or another system > without registred users ... often a player take a pseudo for game, > how to know if a player doesn't take a nickname already in use by > another player Because whatever 'name' they choose to enter (if they want) is not the UUID which represents them in the database, instead we use a psuedo-random token which the server generates/gives to them for tracking purposes. I can't find the python scripts (I'm at work at present), but here's how they work: Take a number (server side incremented, to represent player 1, 2, etc...) and encrypt it with a secret key, give this to the end user to submit their laptimes with. Since the tokens are generated by symetrical encryption (rather than random or hash) they are guarenteed to be unique. If the user looses it, then no-worry just give them the next/new ID. Let the user register a nick-name against the token to make display more friendly. Encode procedure (generates the first 40 tokens) -- $ for i in $(seq 1 1 40); do echo -n `python num_to_128bits.py $i | openssl enc -aes128 -nosalt -pass pass:test -nopad | python 128bits_to_num.py 0x3DCBCE60649BA8CCA716DC93F9A395D3 ... -- Decode proceedure (decripts a token to a user number) -- $ python num_to_128bits.py 0x3DCBCE60649BA8CCA716DC93F9A395D3 | openssl enc -d -aes128 -nosalt pass pass:test -nopad | python 128bits_to_num.py 0x00000000000000000000000000000001 -- Since the token is 128bits long, it is very unlikely that anyone would be able to guess it to submit results as you (or change you user's name/etc). Simon |