Coding an application autentication system

software development

#1

I’m a long time PC programmer that does things down to the system level (everything from drivers on up), but I really lack in the web technology area.

I want to code my own simple software authentication system where users of my binary PC software on load will authenticate their key against some sort of database on my DreadHost hosted website.
I’ve examined one where from the application C/C++ code it simply opened a connection to the web site submitted a key and got a true/false response back (all directly in HTTP).
I have a very small count of users, will be low bandwidth, etc., so something simple like this should work.
But eventually I’d like to do something where the some web application/script(s) will allow two of the same keys to authenticate at a given time from the same IP address, etc.
Then later perhaps through more authentication, encryption, subterfuge, etc., to make it more secure (harder for people to circumvent).

Now I’m sure I can handle these simple things from the client side using C/C++ with simple sockets calls, etc., but now sure how to go about this on the host/web site.
Seems like I saw someplace in DH docs before that we can run our own linux programs.
Then I can do my thing in C/C++ but then again maybe writing this in PHP or Java (what ever scripting makes the most sense) would be easier.

I don’t mind using some existing technology, some kind of tool kits, API, et.c, although I prefer things simple, fast, low level, and the least amount of bulk.

I’m not sure what my options are, such as what is or not allowed on DreamHost, what native application support there is, etc.
I’m Googling for these things but words like “authentication” are ambiguous.
Maybe someone(s), in particular with experience doing the same thing, can head me in the right direction.

Thanks in advance,


#2

What about something like this?

  1. Your app creates a key.
  2. Your app requests a script on the site
    — 2.1 Your app may have to speak basic HTTP, call wget or curl or use a library to do this stuff.
    — 2.2 You can use the HTTP POST or GET. You can even use HTTPS.
  3. The script verifies the key and answers back
    — 3.1 You can extract some data from the key, use a database, a checksum, …
  4. Your app makes a decision based on this answer.
  5. ?
  6. Profit!

Hope that helps :slight_smile:


#3

Definetly don’t want to reinvent the wheel here. I’ve used PHP off and on for site for awhile now and currently use CakePHP to take care of the heavy lifting (database access, authencation, authorization, etc.). Tried the Zend Framework but, it was just too complicated for my needs.

CakePHP can be run fairly simply on DreamHost, the only problem I have run into is CakePHP usurping access to the DreamHost provided stats page. Have a hoky work-around for that though.


#4

Thanks, checking out CakePHP now.
It’s appealing to use PHP as it is portable, better understanding of which could be helpful for better/advanced web design, and modification of existing PHP web apps, etc.