Login example

How can i do a login in sdk corona with json mysql. I need help, thanks in advance :mellow:

You will need a PHP host with a mySQL database - one.com would be my recommendation.  Then you will need to capture the username and password in your app and send it to a php file (on your server) that will validate and return a true/false as to whether that user is valid.

Is there a specific code? I tried it and I got a code 5

Hi Danelia. I’m not sure what you tried or what’s giving you an error code 5. You need to provide considerably more context for us to know what you’re doing.

To this thread in general, in principle, it’s a pretty straight forward process. You have a server that’s running a database and a web server. To bridge between the database and your web based interface, you need some program (or programs), which could be anywhere from a scripting language like PHP to a compiled C++ app. The job of that code is to handle various HTTP GET and/or POST requests that come in through the web server, validate the input and create, update, read and delete (CRUD) records in the database.

At a minimum you will need two scripts, one to register the user, collecting whatever data  you need from the user and a second one to authorize the user. Since this thread is asking about the login process, at a minimum you will need a username and password to log the user in.

On the Corona side, you would use a pair of native.newTextField()'s to collect the username/password data (or use Facebook or Twitter acquired credentials) and then you would use network.request() to contact the web server script, send the username/password and wait until that script returns some form of success/failure message.

That in itself doesn’t sound too terrible, but there is this MAJOR thing called *Security*. It’s the owner of the website’s responsibility to protect user data. There are many hackers out there looking to access sites username/password data and it should be the number one thought on anyone’s mind setting up such a system. Questions you need to ask yourself is “How well do I understand database management and administration?” “How well do I understand web server management and administration?” "How comfortable am I with web scripting and securing the scripts? “How well do I understand password encryption techniques?” “How well do I understand encrypting network traffic?”

If any of those questions makes you uncomfortable, you should look to someone with more expertise to help you or consider using a service like PlayFab or GameSparks (we have plugins for both) that can handle authentication for you. You will need to be conscious off all of this, but it can help reduce the sheer amount of touch-points and areas of expertise you have to have your hands in.

I wish this was an easier, more secure task, but that’s simply not the world we live in.

Rob

I created a host server and I’m trying to connect it to the mobile app so that the mobile app can read the username and password from the host server.

What host? what is your server scripting code? Who’s generating the error code 5? Your code in your script? Your server? Is you website Apache based? What language are you using for your script? What database server? We need way more context.

Rob

I think you are confused.  Your Corona app should collect a username and password and then send that to your internet host for validation.  You will definitely need to use an HTTPS connection for this so your host will need to support SSL (preferably using TLS1.2).  I would advise hashing the password (before transmission) using a salted one-way encryption - such as MD5 and storing that in a binary field in your database.  

To authenticate the user you look for a match on the username and hashed password in your database and return a token your app can use.  

As Rob pointed out this does pose a security risk and you should keep a record of log on attempts and block after 3 fails (for say 20 minutes) as this will stop the “script kiddies”.

Ask yourself this… do you really need to authenticate users in your app?  App stores will be much more thorough about checking your app (because you are storing personal information) and you will also need a water-tight privacy policy or your app will get rejected.

Hey there!

Rob has already stated that using a service like GameSparks might suit your needs a bit more. We have a whole tutorial on player authentication with our Corona SDK that you can find here! https://docs2.gamesparks.com/getting-started/using-authentication/lua-authentication.html

We have a setup guide on how to integrate this SDK with your game here aswell. https://docs2.gamesparks.com/getting-started/creating-a-game/corona-setup.html

If you have any questions please don’t hesitate to get in touch with our support team via https://support.gamesparks.net/support/home - We’d be happy to help in any way we can!

Thanks

Clare

You will need a PHP host with a mySQL database - one.com would be my recommendation.  Then you will need to capture the username and password in your app and send it to a php file (on your server) that will validate and return a true/false as to whether that user is valid.

Is there a specific code? I tried it and I got a code 5

Hi Danelia. I’m not sure what you tried or what’s giving you an error code 5. You need to provide considerably more context for us to know what you’re doing.

To this thread in general, in principle, it’s a pretty straight forward process. You have a server that’s running a database and a web server. To bridge between the database and your web based interface, you need some program (or programs), which could be anywhere from a scripting language like PHP to a compiled C++ app. The job of that code is to handle various HTTP GET and/or POST requests that come in through the web server, validate the input and create, update, read and delete (CRUD) records in the database.

At a minimum you will need two scripts, one to register the user, collecting whatever data  you need from the user and a second one to authorize the user. Since this thread is asking about the login process, at a minimum you will need a username and password to log the user in.

On the Corona side, you would use a pair of native.newTextField()'s to collect the username/password data (or use Facebook or Twitter acquired credentials) and then you would use network.request() to contact the web server script, send the username/password and wait until that script returns some form of success/failure message.

That in itself doesn’t sound too terrible, but there is this MAJOR thing called *Security*. It’s the owner of the website’s responsibility to protect user data. There are many hackers out there looking to access sites username/password data and it should be the number one thought on anyone’s mind setting up such a system. Questions you need to ask yourself is “How well do I understand database management and administration?” “How well do I understand web server management and administration?” "How comfortable am I with web scripting and securing the scripts? “How well do I understand password encryption techniques?” “How well do I understand encrypting network traffic?”

If any of those questions makes you uncomfortable, you should look to someone with more expertise to help you or consider using a service like PlayFab or GameSparks (we have plugins for both) that can handle authentication for you. You will need to be conscious off all of this, but it can help reduce the sheer amount of touch-points and areas of expertise you have to have your hands in.

I wish this was an easier, more secure task, but that’s simply not the world we live in.

Rob

I created a host server and I’m trying to connect it to the mobile app so that the mobile app can read the username and password from the host server.

What host? what is your server scripting code? Who’s generating the error code 5? Your code in your script? Your server? Is you website Apache based? What language are you using for your script? What database server? We need way more context.

Rob

I think you are confused.  Your Corona app should collect a username and password and then send that to your internet host for validation.  You will definitely need to use an HTTPS connection for this so your host will need to support SSL (preferably using TLS1.2).  I would advise hashing the password (before transmission) using a salted one-way encryption - such as MD5 and storing that in a binary field in your database.  

To authenticate the user you look for a match on the username and hashed password in your database and return a token your app can use.  

As Rob pointed out this does pose a security risk and you should keep a record of log on attempts and block after 3 fails (for say 20 minutes) as this will stop the “script kiddies”.

Ask yourself this… do you really need to authenticate users in your app?  App stores will be much more thorough about checking your app (because you are storing personal information) and you will also need a water-tight privacy policy or your app will get rejected.

Hey there!

Rob has already stated that using a service like GameSparks might suit your needs a bit more. We have a whole tutorial on player authentication with our Corona SDK that you can find here! https://docs2.gamesparks.com/getting-started/using-authentication/lua-authentication.html

We have a setup guide on how to integrate this SDK with your game here aswell. https://docs2.gamesparks.com/getting-started/creating-a-game/corona-setup.html

If you have any questions please don’t hesitate to get in touch with our support team via https://support.gamesparks.net/support/home - We’d be happy to help in any way we can!

Thanks

Clare