In response to A.T.H.K
A.T.H.K wrote:

It's a bit ridiculous..

More than a bit.

Bumping with hope in my shallow, shallow hea- I mean, ehh, intellectual mind that knows the heart has nothing to do with hope or love or whatnot. =D
Going to bump this again, still no response.
I would like a web api for verifying keys as say the flash client ever comes out the web api would allow for devs to authenticate people. Or a dev could embed their game into a website through a server. Then people could mobile play the game without being required to have the pager installed. However the api could be used to also still add ads to the game like it is already so byond didn't lose the ad revenue.
mega bump.
If curious, i just went for a shot again, this time using BYOND's site but ofcourse, ended with a fail.

1: Using PHP, i can get the byondcert but that wont do me any good.

2: I went for a javascript and semi-php and this is what i got so far -.-

<?php

if(isset($_GET['logout']))
{
setcookie ("key", "", time() - 3600);// set the time to minus to remove the cookie.
header("Location: byondTest.php");
die(); //safety precaution to disallow continuation of the scripts.
}

if(isset($_COOKIE['key'])) //if the user is finally logged in.
{
echo 'Welcome, ' . $_COOKIE['key'];
echo '<br><a href="?logout">logout</a>';
die(); //safety precaution to disallow continuation of the scripts.
}

?>

<input type="button" onClick="loginBYOND()" value="Login with BYOND" />

<script>

var byondURL=null;

function loginBYOND(){
byondURL = popupwindow("http://www.byond.com/login.cgi?redir=1", "byondLogin", 1000, 575);
var timer = setInterval(function() {
if (byondURL.closed) {
clearInterval(timer);
};
}, 500);
}

function popupwindow(url, title, w, h) {
var left = (screen.width/2)-(w/2);
var top = (screen.height/2)-(h/2);
return window.open(url, title, 'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=no, resizable=no, copyhistory=no, width='+w+', height='+h+', top='+top+', left='+left);
}
</script>


<?php
//<a class="menu_link" href="https://secure.byond.com/members/?command=edit_account">
?>


//Use the code blow to check if they're signed in
//if they are, you just need to use a script to copy the users key.

//<a class="menu_link" href="https://secure.byond.com/members/?command=edit_account">
Ideally, if you can check the URL of the newly opened window with javascript and copy its innerHTML, it would be as simple as that.

But I have no luck with it whatsoever, so I give up and thats what I leave you with -.-
Bump to this suggestion.

I am currently working on a website dedicated to the sciences of BYOND. The community, development, examples, summaries of games, and whatever else users may feel the need to communicate about.
I was hoping to restrict the access to the BYOND community only, as I would rather not have randoms who do not use the services commenting about features on the service.
Also going to give this a +1, some suite of tools to allow us to create websites and games that used BYOND's login would be crazy handy.
There is a work around, I use it on my forum.
You will need:

Web server
Some server side scripting support on web server (php/asp/etc)
Web client server.
Mysql or other database engine accessible by both the web server and the web client server


Make/code web client server,
Web client server should take only web client connections in...
Generate a random token or chunk of text at least 32 characters long with each client connection
Store the clients byond key in the database along with the token and the current datetime
Use a browse() window and javascript to redirect the client back to the website with the token (but not the key) (ie, http://website.com/byondauth.php?token=[token] )

On the website, a script should take incoming connections in,
check for and grab a GET variable called token
access the database and find that token, error if it doesn't exist.
Grab all info attached to that token then delete it, tokens are one time use.
Check the datetime isn't too old (5 to 15 minutes, depending on how secure you want to be)
Take the client's key, store it in a more permanent part of the database,
Generate a session for them and add it to their cookies

Now in your website, you just check for that session cookie, and validate it against the sessions table of the database. If they don't have it, or the session doesn't exist or is too old, you display the login with your byond account button.



To see this in action, register an account at https://tgstation13.org/phpBB/ then click this link: https://tgstation13.org/phpBB/linkbyondaccount.php

Note, this is actually a required step to gain posting rights and wiki edit rights on tgstation

And it's used to validate admins for access to the ban database tools.
My method uses DMCGI, logs you in using the BYOND website, redirects you back to the DMCGI, sets some cookies based on your key data, other stuff uses said cookies to use it. I've even made a MediaWiki plugin that uses the same setup.
In response to MrStonedOne
An easier way is using the depreciated DMCGI then pass the key to a PHP session.

You'd need a VPS for that however, most web hosts won't install BYOND and modify their web server rules to launch dmbs with DD..
I'd like to see a REST API for this kind of behavior. Later maybe it could even be extended to something like BYOND Credits, but BYOND probably doesn't want that kind of liability lol.
In response to A.T.H.K
This is kinda the point of the request, to avoid having to set up to use DD/DMB/anything BYOND related.
In response to Rushnut
Rushnut wrote:
This is kinda the point of the request, to avoid having to set up to use DD/DMB/anything BYOND related.

I know that, its was an alternative to MrStonedOne's PHP example.

I've been on this request since 2011 pretty sure I know what it's about by now, 4 years later..
In response to A.T.H.K
A.T.H.K wrote:
I've been on this request since 2011 pretty sure I know what it's about by now, 4 years later..

/bends over
/submits

You see, nobody here has explained how to use dmcgi to get the key data.


I've at least explained in great detail how to use the webclient to do this
In response to MrStonedOne
Thank you for your post, it has helped me out a great deal. How did you manage to get Dantom DB working for remote databases? Or are you merely passing variables through Export and browse with top.location.href?
In response to MrStonedOne
http://www.byond.com/developer/Dantom/CGI

"Login(new_url)"
im sure experienced users will have no problem figuring it out on their own
That doesn't help gateway....


How the fuck is the dmcgi suppose to be able to know who the user is?

How the fuck does that work?

In response to Inuyashaisbest
DantomDB works with remote databases fine, the hard part is getting the webclient server authenticated to a remote database, as the default configuration of mysql restricts connections to local ips
Page: 1 2 3