Skip to main content

Browse GamesGame JamsUpload GameDeveloper LogsCommunity
Indie game storeFree gamesFun gamesHorror games
Game developmentAssetsComics
SalesBundles
Jobs
TagsGame Engines
Elisée8 years ago

Yes it is a big deal and we're not quite sure how to approach it yet.

One goal is to avoid running any centralized infrastructure whenever possible, to avoid single points of failure (and reduce costs!)

Another very clear goal is to never require that people sign up before they can use Superpowers. One should be able to click on an invite link and hop on as a guest right away.

Now, if we can somehow provide opt-in identity support, through OAuth or something similar, that'd be awesome. But we haven't figured out a technical solution yet, much less a workflow for it.

Reply
kilkonie8 years ago(+1)

I'd avoid OAuth.

Informal, per-server accounts seem fine. Why not start with a pragmatic solution - like a password to register with the server. If you know the passphrase you can join the server. The server can pass a private session key to the client — if the password changes, regenerate the key.

Then allow joining the server with a unique username / password. If you choose to manage your identity within the client - the client could do the account configuration for you — but that implies that the client has the password in the clear to submit to the server. Without central management it's hard to ensure folks have created a unique username – worst case, you'll have Alex as a user name and you'll join your friends server and you'll become Alex #2 when participating.

Reply
AboutFAQBlogContact us
Copyright © 2024 itch corp · Directory · Terms · Privacy · Cookies