Post: Server-sided auth code using keys (Elite or custom licensing)
01-25-2016, 03:22 AM #1
Tustin
Balls of Steel
(adsbygoogle = window.adsbygoogle || []).push({}); Sup?

I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

Prerequisites:

  • A server
  • A web server installed (nginx, apache2, it doesn't matter)
  • MySQL installed
  • PHP installed
  • Root login info for MySQL


How to setup:

  1. Download zip and extract contents to a location on your PC
  2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
  3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
  4. Save file, and upload all the files to a directory on your server.
  5. Go to the directory in your browser and load the setup.php script first.
  6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
  7. DELETE setup.php from your server
  8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
  9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
  10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

You must login or register to view this content.

Enjoy and let me know if you have any issues or just need help with it.

The following 27 users say thank you to Tustin for this useful post:

BaSs_HaXoR, BaumHF1, Sabotage, Discrepancy, Egzec, endojunky, Father Luckeyy, Frosty, Geo, Kam, Kronos, Kryptus, JokerRey, Norway-_-1999, Darth Saul, Pink Guy, ProfoundModz, Rath, Adrian, Sloth, Specter, Swaqq, Wu., xK ELITE GaminG
02-23-2016, 06:21 PM #11
can some one set it up for me please
02-23-2016, 07:31 PM #12
Octolus
I defeated!
Originally posted by JB View Post
That's all good then. Leaked root MySQL credentials are ingredients for a nightmare!


Tell me about it lmao..

The following user thanked Octolus for this useful post:

JB
02-24-2016, 09:18 PM #13
what hosting will let me set it up please put it on here and the link
03-17-2016, 09:42 PM #14
Tustin
Balls of Steel
I updated the auth a bit and setup a repo on Github with the code. Feel free to fork it and make changes to it if you want. You must login or register to view this content.

I made a new file called ngu-auth.php which uses the NGU Elite key auth. The auth.php file is now for your own custom keys because a lot of people were asking how to set that up. I'll make two releases soon on the repo so you can just download the files for whatever auth you want to use.
03-18-2016, 11:58 PM #15
Hey Tustin Will You Help Me Set it up because i am running into erros While doing it I Am Using Godaddy Hosting
04-06-2016, 10:40 AM #16
Passion
League Champion
Originally posted by Tustin View Post
Sup?

I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

Prerequisites:

  • A server
  • A web server installed (nginx, apache2, it doesn't matter)
  • MySQL installed
  • PHP installed
  • Root login info for MySQL


How to setup:

  1. Download zip and extract contents to a location on your PC
  2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
  3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
  4. Save file, and upload all the files to a directory on your server.
  5. Go to the directory in your browser and load the setup.php script first.
  6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
  7. DELETE setup.php from your server
  8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
  9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
  10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

You must login or register to view this content.

Enjoy and let me know if you have any issues or just need help with it.


I've been trying to use this for my SPRX so when it displays 'Some useful information.' It returns true, but it doesn't work. It doesn't log the ip-date-key in the 'log' table either
04-22-2016, 10:22 AM #17
Danny
Hurah!
Originally posted by Tustin View Post
Sup?

I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

Prerequisites:

  • A server
  • A web server installed (nginx, apache2, it doesn't matter)
  • MySQL installed
  • PHP installed
  • Root login info for MySQL


How to setup:

  1. Download zip and extract contents to a location on your PC
  2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
  3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
  4. Save file, and upload all the files to a directory on your server.
  5. Go to the directory in your browser and load the setup.php script first.
  6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
  7. DELETE setup.php from your server
  8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
  9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
  10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

You must login or register to view this content.

Enjoy and let me know if you have any issues or just need help with it.


Sup? Thanks for this
07-21-2016, 04:20 AM #18
itsSorrow
In my man cave
Whenever I go to test it doesn't display anything. I set this all up like I should of but it doesn't display anything. Any help?
08-01-2016, 11:01 PM #19
matrixmods
Pokemon Trainer
Originally posted by Tustin View Post
Sup?

I wrote this code for The Tesseract re-release but that never happened, so here we are. I had also originally posted this in the Gaming Squad section, but I figured it could be useful for everyone. You can use this code to either authenticate your app for Elite or using a custom key system - it's all up to you. The example uses Elite auth by default but you can change it pretty easily by just getting rid of the validate_elite_key function call. Follow the steps below for installing this on your server.

Prerequisites:

  • A server
  • A web server installed (nginx, apache2, it doesn't matter)
  • MySQL installed
  • PHP installed
  • Root login info for MySQL


How to setup:

  1. Download zip and extract contents to a location on your PC
  2. Open up 'autoload.php' and add a name for the DATABASE_NAME constant at the top.
  3. In the same file, add the credentials for your MySQL login. This user should have permissions to create tables and databases (so ideally use root)
  4. Save file, and upload all the files to a directory on your server.
  5. Go to the directory in your browser and load the setup.php script first.
  6. If you used proper MySQL credentials, it will successfully create both a database and two tables in said database.
  7. DELETE setup.php from your server
  8. Create a new MySQL user with only the required permissions (SELECT, INSERT, UPDATE, etc) and replace your root user's credentials inside `autoload.php` with this new MySQL user information (thanks to JB for catching this error)
  9. To test, access auth.php with a GET request for key using your NGU Elite key (example: You must login or register to view this content.)
  10. If the setup worked properly, it should output "Some useful information" (hilarious, right?) and if you check your log and users table, you should see your Elite key there.


It's a basic system for getting your app up and running. However this does do automatic banning for users who share multiple keys under so many different IPs in a certain period of time (like 24 hrs I think). The ban check is done each time the auth script executes, so unless your app gets little to no traffic, it should do just fine. If you really want you can setup a cron job to run the unban/ban process every so often.

You must login or register to view this content.

Enjoy and let me know if you have any issues or just need help with it.


So i have this completely setup a long with the Socket Request stuff out of my sprx, but when i try to check a key to auth.php it just returns "Forbidden, you do not have access to auth.php on this server"

Copyright © 2024, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo