SERVERTOKEN

From Dark Signs Online
Revision as of 18:41, 19 March 2024 by Doridian (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

string SERVERTOKEN()

Get a short lived (5 minutes) server verification token

Example

Creates a server token and sends it to a remote server for validation

$token = SERVERTOKEN()
WAIT FOR $token
$token = URLEncode($token)
$data = DOWNLOAD(https://www.example.com/?dsouser=$token)
WAIT FOR $data
SAY $data


Validation

The token is a JWT standard token signed with the RS256 algorithm. The public key to verify the token can be found here: https://darksignsonline.com/api/domain_token_public.php

The token's payload will look as follows when connected to example.com (excluding the comments indicated by //)

{
  "iss": "https://darksignsonline.com/api/domain_token.php", // Always this value
  "aud": "example.com", // The Dark Signs Online domain the user is connected to that requested the token
  "sub": "1", // The User ID of the user
  "name": "doridian", // The username of the user
  "iat": 1710821229, // Issued At
  "exp": 1710821529 // Expires At
}