Requirements:
1. Account binding. One electronic token can be bound to multiple accounts.
2. Login verification. The user provides the user name and the dynamic password generated by the electronic token.
Assumptions:
1. The electronic token is an electronic clock (it provides time data, but the time cannot be adjusted after it leaves the factory, so there is a time error).
2. Each electronic token has a unique built-in key (GUID).
3. The electronic token generates the password as dpwd = hash(Key + time).
The client sends dpwd and the username to the account server through the game logon interface for verification, obtains the session credential, and enters the game.
----------------------------------
Database Design
E-Token table (Eid, key, production information, initial time offset, ...): the manufacturer's database.
Token table in use (Eid, key, Time Offset, username)
Token account binding table (Eid, account name)
------------------------------------------
1. Bind
Input: username (game account), Eid, and clientdpwd
Processing:
1. Confirm that the Eid is valid.
2. Calculate servdpwd = hash(Key + current time) based on the database records.
3. Compare servdpwd = clientdpwd.
4. If they match, the binding is successful. Write the "token table in use" and the "token account binding table".
2. Verify
Input: username, clientdpwd
Processing: use the binding table to obtain the token key, calculate servdpwd, and compare it with clientdpwd.
The above process does not take the time error into account. If an error of plus or minus 5 minutes is allowed, the two processes should be adjusted as follows.
1. Bind: calculate servdpwd1 = hash(Key + (current time - 5 minutes)), servdpwd2 = hash(Key + (current time - 4 minutes)), ...
Calculate 10 groups of servdpwd and compare each with clientdpwd.
If some servdpwdn = clientdpwd, record (Eid, key, n) in the "token table in use", where n is the time offset of the matching group. Note that n can be negative.
Then write the "token account binding table".
2. Verify
Input: username, clientdpwd
1. Calculate servdpwd = hash(Key + (current time + n)), where n is the stored time offset.
2. Compare servdpwd = clientdpwd.
2.1. Successful. Verification passed. The session credential is returned.
2.2. Failed. Calculate servdpwdm = hash(Key + (current time + n) + m), where m is the plus or minus adjustment time, which can be [-5].
2.2.1. Compare servdpwdm = clientdpwd.
2.2.1.1. Successful. The "Time Offset" field of the token is updated to "n + m" (m is the matching offset in minutes).
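The bind and verify flows above with the plus or minus 5 minute window, as an added Python example (not code from the original note). It assumes HMAC-SHA256 over a minute counter, shown as 8 digits, in place of the unspecified hash(Key + time); dpwd, find_offset and TokenServer are hypothetical names, and the dictionaries stand in for the three tables.

```python
import hashlib
import hmac
import struct

WINDOW = 5  # tolerated clock error in minutes (the text's plus or minus 5)

def dpwd(key: bytes, minute: int) -> str:
    # Assumption: HMAC-SHA256 over the minute counter, shown as 8 digits,
    # stands in for the page's unspecified hash(Key + time).
    mac = hmac.new(key, struct.pack(">q", minute), hashlib.sha256).digest()
    return "%08d" % (int.from_bytes(mac[:8], "big") % 10**8)

def find_offset(key, client_dpwd, now_minute, center=0):
    # Try the stored offset first, then widen to center +/- WINDOW minutes.
    for m in sorted(range(-WINDOW, WINDOW + 1), key=abs):
        expected = dpwd(key, now_minute + center + m)
        if hmac.compare_digest(expected, client_dpwd):  # constant-time compare
            return center + m
    return None

class TokenServer:
    def __init__(self, etoken_table):
        self.etoken_table = etoken_table  # Eid -> key (manufacturer data)
        self.in_use = {}                  # Eid -> [key, time offset n]
        self.binding = {}                 # account name -> Eid

    def bind(self, username, eid, client_dpwd, now_minute):
        key = self.etoken_table.get(eid)
        if key is None:                   # step 1: the Eid must be valid
            return False
        n = find_offset(key, client_dpwd, now_minute)
        if n is None:
            return False
        self.in_use[eid] = [key, n]
        self.binding[username] = eid
        return True

    def verify(self, username, client_dpwd, now_minute):
        eid = self.binding.get(username)
        if eid is None:
            return False
        key, n = self.in_use[eid]
        new_n = find_offset(key, client_dpwd, now_minute, center=n)
        if new_n is None:
            return False
        self.in_use[eid][1] = new_n       # re-sync: offset becomes n + m
        return True
```

Passing the server time in as now_minute keeps the logic testable; a deployment would derive it from the server clock.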
-----------------------------------------------------
In addition, there are more than 10 million World of Warcraft players in China, so the user database will be relatively large.
For verification speed, consider distributing user names across 30 databases based on the first character (a-Z, 0-9); this way, each database holds fewer than 1 million users.