[英]How do I authenticate a User on my API against Steam?
I have a React Web App and an API Endpoint.我有一个 React Web 应用程序和一个 API 端点。 Now I want to authenticate (≠ authorize) a user based on their Steam account, probably with OpenID I assume.
现在我想根据他们的 Steam 帐户对用户进行身份验证(≠ 授权),我假设可能使用 OpenID。
Here is a small dialogue + drawing to sum up my idea:这是一个小对话+绘图来总结我的想法:
MRWA : Hey, I'm Joe, let me authenticate on your side with my Steam username and password. MRWA :嘿,我是乔,让我用我的 Steam 用户名和密码在你这边进行身份验证。 (Green Arrow)
(绿色箭头)
Steam : Ah I see, you are Joe - calling redirect URL now. Steam :啊,我明白了,你是 Joe - 现在调用重定向 URL。 (Yellow Arrow)
(黄色箭头)
MRWA : I got the authentication-token + SteamID and will send it to MA. MRWA :我获得了身份验证令牌 + SteamID 并将其发送给 MA。 (Red Arrow)
(红色箭头)
MA : Got your authentication-token + SteamID. MA : 得到您的身份验证令牌 + SteamID。 I'll check if your token is valid because you could send me any SteamID right?... Hey Steam, is this token valid and could you return the SteamID if so?
我会检查您的令牌是否有效,因为您可以向我发送任何 SteamID,对吗?...嘿 Steam,这个令牌是否有效,如果是,您能返回 SteamID 吗? (Orange Arrows)
(橙色箭头)
Steam : Token is valid, here is your SteamID connected to the token you sent me. Steam : 令牌有效,这是您的 SteamID 与您发送给我的令牌相关联。
MA : Gotcha, I'll now send MRWA an access token for myself so I don't have to ask you again. MA :明白了,我现在给 MRWA 发送一个访问令牌给自己,这样我就不用再问你了。
How do I archive this?我该如何存档?
Use this Library.使用这个库。 https://github.com/SmItH197/SteamAuthentication
https://github.com/SmItH197/SteamAuthentication
This will work for everything you need.这将适用于您需要的一切。
If you go into it, you'll see it has a way for you to authenticate users, and check to see if they are signed in with if(!isset($_SESSION['steamid']))
如果你进入它,你会看到它有一种方法可以让你验证用户,并检查他们是否使用
if(!isset($_SESSION['steamid']))
Then you can perform any task you may need to, and authenticate if it still is the correct user.然后您可以执行您可能需要的任何任务,并验证它是否仍然是正确的用户。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.