anditv21 / panel

🔧 User management panel with Bot & API Examples
MIT License
43 stars 13 forks

[Feature request] Sessions token Auth for API and secure file downloading. #135

Closed Smellon69 closed 9 months ago

Smellon69 commented 10 months ago

The API should be able to interact with the loader much like how KeyAuth functions where session tokens are used. And if you were to add secure file downloading, if there was no session created, meaning they forced a success response illegitimately, they wouldn't be allowed access and the user could customize it to ban them or whatever. If these 2 things were added, I'd switch from KeyAuth and maybe make some pull requests with more cool things.

[The KeyAuth source code](https://github.com/KeyAuth/KeyAuth-Source-Code) [The KeyAuth client api source code](https://github.com/KeyAuth/keyauth-cpp-library)

Smellon69 commented 10 months ago

Hi,

Thanks for your suggestion.

Okay a few things:

The suggestion for ban customization is a very good idea.

Could you also explain what API interactions/functions etc would be important to you?

Because just shitting the github link of keyauth in the issue doesn't help us.

I can tell you that the API will deny access if the user authentication fails.

Also, the panel also uses session tokens but not for the API.

The API has been neglected because most people are only interested in user-pass auth, username, ban status, and hwid.

But I can't imagine that the API will be extended/changed much.

Simply for the reason that we lose the desire to work on the panel because most people just paste it and create issues because they are too stupid to follow the setup or have broken it by pasting and then want us to fix it.

Also, it gets very low attention.

If you added sessions to the authentication as well as file downloads, I'd make a tutorial and make these retards quit opening issues. Also it should just have sessions idk how else to explain which is why I linked KeyAuth. Literally just look at client side library init function and login function and just big skid. I could even make my own C++ loader implementing everything if you made it server-side. Also a major KeyAuth flaw as well as almost any auth is the success message being spoofed or set to true. This could be fixed by making the success message dynamic using a randomly generated key which only works for that session ig.

anditv21 commented 10 months ago

Hi, I am working on another feature in combination with the last major update for an unspecified time. I will implement such a system with several custom messages (probably a very basic version without variables). If in the future I make another major update I will certainly come back to your suggestions.

Thx ;)

Smellon69 commented 10 months ago

> Hi,
>
> I am working on another feature in combination with the last major update for an unspecified time.
>
> I will implement such a system with several custom messages (probably a very basic version without variables).
>
> If in the future I make another major update I will certainly come back to your suggestions.
>
> Thx ;)

Nice to hear. But if you would add the basis for a great auth with sessions and enckeys etc just like KeyAuth, this can be a really great auth. I will go through the effort of making a C++ example for the panel when you add this.
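Added example, not part of the thread and not code from the panel or from KeyAuth: a minimal server-side sketch of the session-gated download requested above, where a file is released only to a session token that the server itself marked as logged in. The names `SessionStore`, `USERS`, `FILES`, the 300-second TTL and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SESSION_TTL = 300  # seconds (assumed value)
SALT = b"constructed-demo-salt"

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed sample data: one account and one protected file.
USERS = {"alice": _kdf("correct horse")}
FILES = {"loader.bin": b"constructed sample payload"}

class SessionStore:
    def __init__(self, now=time.time):
        self._now = now
        self._sessions = {}  # token -> {"user": str | None, "expires": float}

    def init(self) -> str:  # issue a random, unauthenticated session token
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": None, "expires": self._now() + SESSION_TTL}
        return token

    def _live(self, token):  # the session, if it exists and has not expired
        session = self._sessions.get(token)
        if session is not None and session["expires"] <= self._now():
            del self._sessions[token]
            return None
        return session

    def login(self, token: str, username: str, password: str) -> bool:
        """Bind a user to the session only after the credentials verify."""
        session = self._live(token)
        # The default is computed on every call, so known and unknown users cost the same.
        expected = USERS.get(username, _kdf(secrets.token_hex(16)))
        ok = hmac.compare_digest(expected, _kdf(password))
        if session is None or not ok:
            return False
        session["user"] = username
        return True

    def download(self, token: str, name: str):
        """Serve a file only to a live session that passed login()."""
        session = self._live(token)
        if session is None or session["user"] is None:
            return None
        return FILES.get(name)
```

A client that sets its own success flag still holds a token whose `user` is `None`, so `download()` returns nothing; the decision lives on the server, while any check that runs only inside the client remains patchable.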