### Glossary * noname - human that refused to log in * "I refuse to log in/register" * uses "noname" but still unique session key * user - human that logged in * "I am registered and logged in" * player id - unique identifier of a user or noname from session key * int to enumerate users on authserver or smth * persistent to user * host must verify that socket does belong to player id in some way * user profile - data about user (name, discord, avatar...) * player id and all the info like discord avatar and name and id is managed by authserver and passed by as a "profile info" # What I want from authserver: (Autohoster perspective) - Storage and provider of username, data that user decided to publicaly share and presents of specific/any 3rd party like discord, vk, google... (requestable from user id) - Oauth provider to get authenticated user (to get his permission to request rooms and get replays and other "authorized" data, full replacement of current login/register on Autohoster frontend) - player id as hash replacement - player id <-> user profile (or a noname claim) - Ability to send a private notification with oauth (user selects email, discord message or how he wants) (optional) # What will happen to Autohoster database: - hash is gone, replaced with player id from authserver and hosters - users table looses literally everything except host requesting status and maybe other garbage and now has oauth token, oauth refresh token and refresh date - players table will now have only player id and his statistics (primary key) - games table will have player ids as players instead of primary key that is used right now to enumerate hashes - literally everything will now require an authserver visit and will bump traffic (prob will be a localhost one but still) significantly, all pages that require information from authserver will become dead slow because of this (to be expected)