vaneltonid

VaneltonID NodeJS Module Documentation

Introduction to VaneltonID

VaneltonID is a unified authentication system designed for games and applications created using the Vanelton Media Console. It allows players to use a single Vanelton ID account to log in and access multiple games and applications within the Vanelton ecosystem.

This NodeJS module, vaneltonid, simplifies the integration of VaneltonID into your NodeJS projects. It provides functions for user registration, login, application authorization, and session management (including retrieval by token), ensuring a secure and user-friendly authentication experience for your players.

Key Features:

• Unified User Accounts: Users can use their Vanelton ID across all your games.
• Easy Integration: Simple NodeJS module to integrate with your game server or application backend.
• Secure Authentication: Leverages the robust VaneltonID authentication backend.
• Session Management: Persistently store user login sessions, allowing users to stay logged in across sessions.
• Rate Limiting: Built-in rate limiting to protect your application and the VaneltonID service from abuse and overload.
• Session Retrieval by Token: Allows retrieving user session data using a previously obtained token.

Getting Started

1. Installation

Install the vaneltonid module in your NodeJS project using npm:

npm install vaneltonid

This command will also automatically install the necessary dependencies: axios, axios-rate-limit, and node-persist.

2. Configuration

Before using the module, you need to configure the VGD-ID API and obtain your Application ID ( appId ) and Application Key ( appKey ).

2.1. Application ID and Key

Your appId and appKey are unique credentials that identify your game or application to the VaneltonID system. You can obtain these from the Vanelton Media Console at https://www.vaneltongamedev.com.

Steps to Obtain appId and appKey:

• Log in to your Vanelton Media Console account at https://www.vaneltongamedev.com.
• Navigate to your game or application project within the console.
• Look for the VGD-ID Integration or API Credentials section in your project settings.
• You will find your Application ID (appId) and Application Key (appKey) listed there. Keep these credentials secure and do not expose them in client-side code.

3. Importing and Using the Functions

In your NodeJS application files, import the vaneltonid module and the functions you need:

const VGDID = require('vaneltonid');

3.1. Login

Logs in a user with their Vanelton ID credentials.

const appID = 'YOUR_APP_ID'; // Replace with your actual App ID
const appKey = 'YOUR_APP_KEY'; // Replace with your actual App Key
const masterKey = 'YOUR_MASTER_KEY'; // Replace with your actual Master Key (optional, defaults to 'master')

async function attemptLogin(userEmail, userPassword) {
    try {
        const loginData = await VGDID.login(userEmail, userPassword, appID, appKey, masterKey);
        if (loginData) {
            console.log("Login Successful!", loginData);
            // Store or use the session data as needed (e.g., in your application's session management)
        } else {
            console.log("Login Failed: Invalid credentials or user not found.");
        }
    } catch (error) {
        console.error("Login Error:", error.message);
        // Handle login error (e.g., display error message to user)
    }
}

// Example call:
attemptLogin('user@example.com', 'password123');

3.2. Register

Registers a new user with VaneltonID.

const appID = 'YOUR_APP_ID'; // Replace with your actual App ID
const appKey = 'YOUR_APP_KEY'; // Replace with your actual App Key
const masterKey = 'YOUR_MASTER_KEY'; // Replace with your actual Master Key (optional, defaults to 'master')

async function attemptRegistration(newUserEmail, newUserPassword) {
    try {
        const registrationData = await VGDID.register(newUserEmail, newUserPassword, appID, appKey, masterKey);
        if (registrationData) {
            console.log("Registration Successful!", registrationData);
            // User is registered and logged in. Store or use session data.
        } else {
            console.log("Registration Failed: Email may already be registered or invalid input.");
        }
    } catch (error) {
        console.error("Registration Error:", error.message);
        // Handle registration error (e.g., display error message)
    }
}

// Example call:
attemptRegistration('newuser@example.com', 'newpassword');

3.3. Auth App

Authorizes a specific application for a logged-in user. This is used to control access to specific games or application packages.

This is mandatory for all applications, that is, you must always authorize your application for the user, with their authorization, in a prior and well-explained manner, such as an Authorize button.

const appID = 'YOUR_APP_ID'; // Replace with your actual App ID
const appKey = 'YOUR_APP_KEY'; // Replace with your actual App Key

async function attemptAuthorization(userAccountId) {
    try {
        const authorizationResult = await VGDID.authApp(appID, appKey, userAccountId);
        if (authorizationResult === true) {
            console.log("Application Authorization Successful!");
            // User is authorized to access the application package.
        } else if (authorizationResult === false) {
            console.log("Application Authorization Failed: User is not authorized for this app package.");
        } else {
            console.log("Application Authorization Error: Could not verify authorization."); // API error or null response
        }
    } catch (error) {
        console.error("Authorization Error:", error.message);
        // Handle authorization error
    }
}

async function runAuthExample() {
    // Assuming you have a way to retrieve the user's account ID (e.g., from a stored session)
    const userAccountId = 123; // Replace with the actual user account ID
    await attemptAuthorization(userAccountId);
}

runAuthExample();

3.4. Get Session (Retrieve Session by Token)

Retrieves user session data using a previously obtained session token.

const appID = 'YOUR_APP_ID'; // Replace with your actual App ID
const appKey = 'YOUR_APP_KEY'; // Replace with your actual App Key
const sessionToken = 'USER_SESSION_TOKEN'; // Replace with the actual session token
const masterKey = 'YOUR_MASTER_KEY'; // Replace with your actual Master Key (optional, defaults to 'master')

async function attemptGetSession(token) {
    try {
        const sessionData = await VGDID.getSession(appID, appKey, token, masterKey);
        if (sessionData) {
            console.log("Session Retrieved Successfully!", sessionData);
            // You can now use the session data to authenticate the user.
        } else {
            console.log("Failed to retrieve session: Invalid or expired token.");
        }
    } catch (error) {
        console.error("Get Session Error:", error.message);
        // Handle error when retrieving session
    }
}

// Example call:
attemptGetSession(sessionToken);

3.5. API Reference

- MasterKey: MasterKey is a master token verification key. You can set the MasterKey to something that is unique to the device that is creating the token, so that if the token is stolen, it cannot be accessed by another device.

You can set the MasterKey to something else, or you can set it to a default (insecure) key.

Rate Limiting

The vaneltonid module incorporates rate limiting to ensure responsible usage of the VaneltonID API and to prevent server overload. It uses a queue-based system that limits requests to a maximum of 60 requests per second.

This rate limiting is handled automatically within the module. You do not need to implement any rate limiting logic in your application code when using the vaneltonid functions.

Final

By following this documentation and example code, you should be well-equipped to integrate VaneltonID authentication and user management into your NodeJS games and applications using the vaneltonid NPM module. If you have any questions or need further assistance, please refer to the Vanelton GameDev developer support channels.