nakama icon indicating copy to clipboard operation
nakama copied to clipboard

Published 20 hours ago verified publisher icon heroiclabs

Implement itch.io authentication

Open rcorre opened this issue 4 years ago • 10 comments

itch.io is an online marketplace and app for playing games. It is a popular choice for FOSS games, so I think there could be a fair bit of crossover with Nakama.

Games started via the itch app are passed a JWT token that can be used to authenticate the user with the itch API. The idea is that the game passes this token to the server, and the server passes the token to itch.

This feature was discussed on the forums at https://forum.heroiclabs.com/t/itch-io-authentication/

Depends on: https://github.com/heroiclabs/nakama-common/pull/9

See also:

  • https://itch.io/docs/itch/integrating/manifest.html
  • https://itch.io/docs/api/serverside
  • itchio/itch.io#536 (comment)

rcorre avatar Dec 09 '20 13:12 rcorre

All the manual changes are in https://github.com/heroiclabs/nakama/pull/510/commits/f523610e1d9370aeb23cdfd7bfc33abc065ba106. The following commits are for protoc/go mod/packr automated changes.

rcorre avatar Dec 09 '20 13:12 rcorre

I believe I need to make changes to the console UI as well, but I've been unable to log in. When I run yarn start, I tried putting "admin" and "password" as the username/password in the fields, but the login button seems to do nothing :shrug: .

rcorre avatar Dec 09 '20 13:12 rcorre

Thanks for the pull request @rcorre 🙏

We'll take a look and merge this in sequence and update any changes needed (like when we tag a release of the nakama-common dependencies). Don't worry about the Nakama Console; it's undergone a redesign which is almost complete and we'll incorporate it into that work.

It's likely this pull request will need to wait to be merged until after the holidays because of the remainder of the work we have in progress for the Nakama 3.0 release. Rest assured that we'll incorporate it. Thank you 🙇

novabyte avatar Dec 09 '20 14:12 novabyte

Awesome, thanks for taking a look whenver you get a chance, and enjoy the holidays!

rcorre avatar Dec 09 '20 14:12 rcorre

Reverted the swagger.json changes.

I'll also add there's more we could do here, like validating the user has a download key for your game. I wanted to keep this PR as simple as possible though.

rcorre avatar Dec 10 '20 13:12 rcorre

Added displayname/avatar support in https://github.com/heroiclabs/nakama/pull/510/commits/64ce7d3e5fb8dba124aed8c15175cf1009e64d58.

I'm also wondering if I should try to cache tokens, and only make requests to itch when a token is uncached or expired.

rcorre avatar Dec 23 '20 17:12 rcorre

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Mar 21 '21 17:03 CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Mar 21 '21 17:03 CLAassistant

Curiosity, is this PR stuck in limbo? Been open a couple years... hoping I don't have to implement a module I'll then have to figure out how to rollout to my prod env by hand! 😂

csm-kb avatar Nov 04 '23 08:11 csm-kb

@csm-kb Fair question, we've been trying to gauge how much demand there is for this to be brought in as a first-class authentication provider in Nakama. Unfortunately it's not very requested so we will likely close this PR soon.

You can always implement it as a custom authentication provider through the runtime (and fully validate the itch.io token in a before hook of course) so the debate is only whether or not to include it by default.

zyro avatar Nov 04 '23 14:11 zyro