How do I Secure passwords being sent by AJAX (SSL?) Help me

0 favourites
  • 2 posts
From the Asset Store
Create your own wss server and ws server with ssl and without ssl.
  • My website uses wordpress, to which I have a database setup for the user information (Username, Passwords, Emails, etc). For the application I am developing, I have a PHP file that compares Username and Password information sent via a AJAX Post from my app, to the wordpress user information database. Basically what happens is VIA the application the user enters a username and password, a API key is generated and sent to the PHP file. The file compares the api key and then the password and username information. If everything is valid, it returns the username via Ajax.LastData which my game uses for leaderboard updates.

    My question about security is for the password being sent via the Ajax post method. I've thought about hashing the password with a salt and comparing it to the salted password of the wordpress database, but this does not seem as secure as it sounds. I was wondering how I would go about using SSL (as I believe this is the fix for my problem) or some other method to really secure the password that is being sent. I originally wanted to have the user log into the website on the device they are playing on, and have a php script check if they are logged in so I wouldn't need to send the password via Ajax, but I didn't know how to do this so I went with the above mentioned method.

    I own a hostgator account, have a good understanding/knowledge though I am still a bit of a beginner (learning from a friend who knows a decent amount of this stuff, but is unfamiliar with construct 2). Any help would be appreciated!

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • Yo JHunter. Did you ever figure anything out with this? I'm thinking we'll have to figure out how to limit posts to a php endpoint to only come from certain urls where the game is hosted...

Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)