-
Notifications
You must be signed in to change notification settings - Fork 0
Accounts
PEMapModder edited this page Aug 28, 2015
·
4 revisions
Every unique user on LegionPE is assigned with a user ID (UID). If username changes ever occur, the UID will still be kept the same.
GET /api/Name2Uid.php| Name | Type | Description |
|---|---|---|
| name | string | The username to query for; case-insensitive |
| Name | Type | Description |
|---|---|---|
| uid | number | The result user ID |
{
"status": true,
"error": null,
"data": {
"uid": 3
}
}There are two methods to authenticate as a user using BA: UID + hash or username + hash.
Passwords REALLY SHOULD NOT be sent in plaintext through the API. Instead, hashes are sent.
This is an example implementation of the hash algorithm implemented in PHP:
bin2hex(hash("whirlpool", $password . $uid, true) ^ hash("sha512", $uid . $password, true));where $uid is the user ID (presented as a decimal string) and $password is the user password. The output is the hex representation of the binary output of whirlpool(password + uid) and sha512(uid + password), combined using XOR (per byte).
The request fields hash and uid, or hash and name, are required for every request that uses BA.