One database to different hosting webservices

Started by Elev8, Nov 17, 2022, 02:38 AM

Previous topic - Next topic

Elev8Topic starter

Is it possible to allow users to log in with the same credentials on both a forum and a game launcher that are hosted on different servers? One server hosts the forum while the other hosts the game launcher, each with their own database. This presents a challenge as the login information must be synced across the two servers.
  •  

autorenta

External access to a database in shared hosting is usually not possible, and replication may also be prohibited. However, you can still retrieve API data when logging in from one location, or use a bicycle HTTP tunnel to connect.

 

Many projects are adopting a micro-service architecture, which enables them to reference a separate service that accesses the necessary database table instead of accessing it directly. This code can be written quickly and easily using file_get_contents on the client side, while the server-side code remains the same as with normal authorization but returns a true value instead of a location.
  •  

IVKH

Combining two accounts for the sake of added convenience and saved time may not be worth the potential security risks. In the event of a hacker attack, both accounts could be compromised simultaneously, which could pose a serious threat. Therefore, it is important to carefully consider the benefits and drawbacks of such an association.

While combining accounts may offer some advantages, it is crucial to prioritize security and ensure that all necessary precautions are taken to protect sensitive information from cyber threats. This includes implementing strong password policies, enabling two-factor authentication, and limiting external access to databases. Ultimately, the decision to combine accounts should be based on a thorough risk analysis that takes into account the potential consequences of a security breach.
  •  

ksparks

To configure a second site to access an SQL database, a new user with the appropriate permissions can be created and added to the settings. It is recommended to consult the hosting provider's support service or SQL operator for additional guidance, as certain permissions may be required to connect from a third-party IP or account.
Configuring SQL user permissions is critical for securing data access, and it is important to ensure that only authorized users have access to sensitive information. When creating a new user, it is essential to specify the appropriate level of permissions based on their role and responsibilities. This can include granting read-only access or limiting access to specific tables or columns. Additionally, regularly monitoring user activity logs can help detect any suspicious behavior and prevent potential security breaches.
  •  

dinesh

To achieve this, we need to implement a centralized authentication system that enables seamless communication between the two servers.
One approach is to use a single sign-on (SSO) solution, such as OAuth or SAML, which allows the user to log in once and access multiple applications without being prompted to log in again. With SSO, the user's credentials are authenticated by a central identity provider, and this authentication is then trusted by both the forum server and the game launcher server.

Another option is to synchronize the user data between the two servers using a secure and efficient data transfer protocol. This involves regular synchronization of user account information, including usernames, passwords (or preferably securely hashed and salted password hashes), and any other relevant user data, to ensure that the user accounts remain consistent across both platforms.

It's important to consider security implications when implementing such a solution. Strong encryption and secure communication protocols should be used to protect the transmission of sensitive user data between the servers. Additionally, strict access controls and audit trails should be implemented to monitor and track any changes to user data during the synchronization process.

From a development perspective, the implementation of the synchronization process would involve designing and creating robust APIs for data exchange between the forum and game launcher servers. This would require careful consideration of data formats, error handling, and response codes to ensure smooth and reliable synchronization.
Enabling users to log in with the same credentials on separate servers hosting a forum and a game launcher is indeed possible through the implementation of a centralized authentication system or data synchronization mechanism. Careful planning, robust security measures, and well-designed API endpoints are essential components of such an implementation.
  •