SERVERTOKEN: Difference between revisions

From Dark Signs Online
Jump to navigationJump to search
No edit summary
No edit summary
Line 1: Line 1:
''string'' '''SERVERTOKEN'''()
''string'' '''SERVERTOKEN'''()


Get a short lived server verification token
Get a short lived (5 minutes) server verification token


== Example ==
== Example ==

Revision as of 05:44, 19 March 2024

string SERVERTOKEN()

Get a short lived (5 minutes) server verification token

Example

Creates a server token and sends it to a remote server for validation

$token = SERVERTOKEN()
WAIT FOR $token
$token = URLEncode($token)
$data = DOWNLOAD(https://www.example.com/?dsouser=$token)
WAIT FOR $data
SAY $data


Validation

The token is a JWT standard token signed with the RS256 algorithm. The public can to verify the token can be found here: https://darksignsonline.com/api/domain_token_public.php

The token's payload will look as follows when connected to example.com (excluding the comments indicated by //)

{
  "iss": "https://darksignsonline.com/api/domain_token.php", // Always this value
  "aud": "example.com", // The Dark Signs Online domain the user is connected to that requested the token
  "sub": "1", // The User ID of the user
  "name": "doridian", // The username of the user
  "iat": 1710821229, // Issued At
  "exp": 1710821529 // Expires At
}