[Request] OAuth2
-
Thread created on 12:23:18 - 29/03/24 (5 months ago)|Last replied 11:42:48 - 11/04/24 (4 months ago)Not sure on the feasibility of this, but I've trawled the forums a bit, and aside from a handful of posts which have discord links, I can't see much in the spotlight specifically for Oauth2.
What's the appetite for OAuth2 around here?
Personally, in all the apps and platforms I develop, I try desperately to stay away from username/password storage and prefer passing that off to other providers. Now, for Torn specific apps, it would make perfect sense for a little bit of authentication to be available for basic info and reverification.
At the moment, I have no mechanism to validate that the person using my service is the person they say they are. API keys can be stolen, or leaked and the only viable way I can think of doing this in a way that would make sense would be to ask Torn nicely if it can verify the user attempting to register with me.
What are people's thoughts on pushing for this?
~ Rich~ P
-
-
Posted on 11:28:52 - 11/04/24 (4 months ago)Post link copied to clipboard Copy post linkThe Torn Discord bot is official, I beleive. When joining the official Torn Discord it had me verify my account. Then when I joined a different Torn-related Discord it automatically authenticated me as well. So perhaps there's a way to use Torn's Discord and/or bot, or your own to check for mutual servers, something like that?
I don't know the feasability or how much of a round-about method that would be, but just floating an idea."We have 34 armed guards and we can't kill a pickle?"
-
-
Posted on 11:42:48 - 11/04/24 (4 months ago)Post link copied to clipboard Copy post linkDiscord verification for torn related bots is very basic - it checks if there is a discord ID linked to your torn account. That's it. Once you join and verify the official Torn discord server, your discord id gets tied to your torn profile. You can even query torn API using player discord IDs rather than their player ID.
-