Skip to content

Add docs for using builtin auth mechanism #10719

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add docs for using builtin auth mechanism #10719

wants to merge 1 commit into from
+42 −0

Conversation

baccenfutter
Copy link

@baccenfutter baccenfutter commented Feb 26, 2025
edited by AThousandShips
Loading

Took a huge unnecessary detour, today. it was an upstream battle...

Since there was no mention of it whatsoever, I intuitively concluded that I would have to build my own authentication on top of SceneMultiplayer. The authentication part was easy, but when trying to figure out how to hook into Godot's RPC call-stack to prevent unauthenticated RPC calls, I got stuck and was made aware of SceneMultiplayer.auth_callback by Discord.

Getting the builtin auth mechanism to work with the available docs on SceneMultiplayer was an upstream battle.

But the main issue to me, is the complete lack of mentioning the availability of the builtin auth mechanism, at all.

Wanted to share my results and prevent others from having to take the same detour.

@baccenfutter baccenfutter force-pushed the high-level-multiplayer-authentication branch 2 times, most recently from 04ec47d to bfa5410 Compare February 26, 2025 23:59
@skyace65 skyace65 added enhancement area:manual Issues and PRs related to the Manual/Tutorials section of the documentation topic:network labels Feb 27, 2025
@baccenfutter baccenfutter force-pushed the high-level-multiplayer-authentication branch from bfa5410 to b9c3c6e Compare February 27, 2025 12:33
@skyace65 skyace65 requested a review from a team March 17, 2025 01:25
@skyace65 skyace65 requested a review from mhilbrunner April 16, 2025 21:52
@AThousandShips AThousandShips mentioned this pull request Jun 7, 2025
Open
@SchnozzleCat
Copy link

SchnozzleCat commented Jun 7, 2025
edited
Loading

In addition to discoverability of the authentication mechanism being low, there also appears to be misleading information in the relevant documentation.

The SceneMultiplayer authentication docs (specifically the docs for peer_authenticating and complete_auth) seem to imply that any given peer does not receive the peer_connected signal for another peer until it has authenticated with that specific peer (by both of them calling complete_auth on each other's peer IDs), but that is not what is happening from what I can tell.

I can only see the authentication handshake happen between a client peer and the server, and once the authentication with the server has completed, peer_connected signals are emitted for all others peers on a peer, even though complete_auth was never called for those peers.

I'm not terribly familiar with the godot source code, but that also appears to be what is happening. _admit_peer checks if the server is calling the function, and if so, forwards peer IDs to other peers. Clients receive this message, check that they aren't the server, and that the message came from the server, and then add the peers. The comment in the code also indicates that these peer connection messages are just being relayed over the server (if relaying is enabled), and the clients automatically accept the peers, without authenticating first.

Ideally the previously mentioned documentation can also be updated as part of this PR to make the entire mechanism more clear.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhilbrunner mhilbrunner Awaiting requested review from mhilbrunner

Assignees
No one assigned
Labels
area:manual Issues and PRs related to the Manual/Tutorials section of the documentation enhancement topic:network
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Misleading documentation for SceneMultiplayer authentication
3 participants
@baccenfutter @SchnozzleCat @skyace65