An (unoffical) authenticator for slippi accounts.
Slippi-auth is a service that provides authentication using a slippi account. It works by faking a netplay player which the person wanting to authentify has to connect to in direct mode.
Warning
Because the traffic is not encrypted between the slippi servers and slippi-auth, if an attacker gains privilege on the network of your sever he can authentify as anyone. I would therefore not use this auth for sensible data.
- Clone the repo:
git clone https://github.com/ananas-dev/slippi-auth
cd slippi-auth- Create accounts that will be used by the authenticator, you'll need to grab their uids and play keys found in their
user.jsonthen put them in a file calledclients.jsonin the slippi-auth directory:
[
{
"uid": "redacted",
"playKey": "redacted",
"connectCode": "XYZ#111"
},
{
"uid": "redacted",
"playKey": "redacted",
"connectCode": "XYZ#222"
}
]- Install ENET:
-
Windows: Nothing to do.
-
Debian Based Linux:
apt install libenet-dev- Mac:
brew install enet- Run the service:
go run cmd/slippi-auth/main.goSlippi-auth starts a websocket server on 0.0.0.0:9002 you can then communicate with it using this workflow:
First you have to send the connected code of the user you want to authenticate and the timeout in ms.
{
"type": "queue",
"code": "XXX#123",
"timeout": 60000
}When the server will start searching for the user, it will send this message containing the auth connect code:
{
"type": "searching",
"auth-code": "AUTH#321",
"code": "XXX#123"
}The outcome of the authentication will contain the queued connect code:
✅ User has been authenticated
{
"type": "success",
"code": "XXX#123"
}❌ Authentication timed out:
{
"type": "timeout",
"code": "XXX#123"
}❌ There was an error:
{
"type": "err",
"code": "XXX#123"
}❌ There are no available authentication clients:
{
"type": "full",
"code": "XXX#123"
}