1 decade ago by wrondon
Hi everyone,
I tried to find some place to talk about Playtomic (playtomic.org) but I got no success in finding a community. So I'll try to put my doubt here:
Last week I installed Playtomic in my server however I am really confused about the Playtomic's Private and Public Keys.
If you check out this tutorial http://playtomic.org/server.html you will be able to see this line:
So you just need to create this collection to configure the game (including private and public keys)
Now I am trying to use my Playtomic Installation and, reading the API documentation ( http://playtomic.org/api/html5.html ), the first thing I need to do is initialize it with this code:
But wait a second. My app will contain public and private key inside of it? What could block someone to take the app's keys and makes his own server call?
Is there something I am not seeing? What could I do to become the requests safer?
Best Regards,
Wagner
I tried to find some place to talk about Playtomic (playtomic.org) but I got no success in finding a community. So I'll try to put my doubt here:
Last week I installed Playtomic in my server however I am really confused about the Playtomic's Private and Public Keys.
If you check out this tutorial http://playtomic.org/server.html you will be able to see this line:
Creating game credentials You can add game credentials from the MongoHQ dashboard in the 'games' collection. The collection will be created for you automatically the first time you upload to Heroku. { publickey: "mypublickey", privatekey: "myprivatekey", leaderboards: true, playerlevels: true, gamevars: true, geoip: true }
So you just need to create this collection to configure the game (including private and public keys)
Now I am trying to use my Playtomic Installation and, reading the API documentation ( http://playtomic.org/api/html5.html ), the first thing I need to do is initialize it with this code:
Playtomic.initialize(publickey, privatekey, apiurl);
But wait a second. My app will contain public and private key inside of it? What could block someone to take the app's keys and makes his own server call?
Is there something I am not seeing? What could I do to become the requests safer?
Best Regards,
Wagner