Goboauth

scratchieguy12345678

Goboauth is an authentication system I've been working on for the past week. I don't know why I decided to make a new authentication system, I mean, Fluffyscratch is already fine. I just figured it would be a good project for me to work on. I decided to make a new topic just to show off the system. It's not complete yet, but I am going to post updates about it here.

Also, I probably would not recommend using this because Fluffyscratch is better in every way.

Replit: https://replit.com/@linearlemur/goboauth#index.html

Update 1: Frontend complete

I should probably use more CSS… Nah, that'll have to wait until the next version.

Last edited by scratchieguy12345678 (May 24, 2021 13:08:22)

Steve0Greatness

Looks cool! Hope the project goes well from here.

/hj is the worst tone indicator. It's confusing and ambiguous. I hate it. The point of tone indicators is to indicate tone, or the way that a piece of text should be read, but what does “half joking” mean? Do you just wake up in the morning and think “wow, I really have something I want to talk about seriously but also kinda not, IDK you decide.” It's useless. I hate it. It just provokes a deep rooted anger within me whenever I see it. People just comment /hj as if it makes any sense. It doesn't. Oh wow, it's a tone indicator that's has a relative meaning, how useful, I'll use it in every comment I post. NO. STOP IT. You're a tone indicator, you have only one job, and yet you sit there doing nothing apart angering me.

/srs

^^^ (there's more below)
This one is useful because it tells you that this signature is fully 100% serious. (/srs) Who would've thought that tone indicators needed to tell you something about the piece of text they're attached to? /s

I'm serious, I'm not even going to put multiple (/hj)s a the end of my signature as to mock the previous paragraph for not getting the point of something(like previous version of my signature). /srs

scratchieguy12345678

Steve0Greatness wrote:
Looks cool! Hope the project goes well from here.

Thanks!

kccuber

if you need, i can help with the CSS.

Made using Nord Theme & Inkscape

scratchieguy12345678

kccuber wrote:
if you need, i can help with the CSS.

Sure, you can help!

airplanedodge

scratchieguy12345678 wrote:
kccuber wrote:
if you need, i can help with the CSS.

Sure, you can help!

Ok! (sorry, i'm an alt account of @kccuber, i should really add that to my siggy tbh)

i cannot find this cool topic pleeease help… Don't worry, Ocular has you covered! also, please set a status!

if you can't see the “cubuplod is werk” banner then cubeupload is down.

((get dodged lol:: operators)(https://scratch.mit.edu/projects/488605725/:: pen):: motion)

scratchieguy12345678

REDACTED

Last edited by scratchieguy12345678 (May 21, 2021 18:20:26)

9gr

i already finished my google-styled auth called Greenauth. I don't think my one is poggers so i didn't bother making a topic about it because there are too many new auth systems coming out lately. I may help with this though

site

scratchieguy12345678

9gr wrote:
i already finished my google-styled auth called Greenauth. I don't think my one is poggers so i didn't bother making a topic about it because there are too many new auth systems coming out lately. I may help with this though

I know that there's a billion authentication systems out there, I just created this as a way for myself to learn more about HTML and Javascript. I made a topic about it just to show it off.

9gr

scratchieguy12345678 wrote:
9gr wrote:
snip

I know that there's a billion authentication systems out there, I just created this as a way for myself to learn more about HTML and Javascript. I made a topic about it just to show it off.

okay
is this a nodejs repl?

site

scratchieguy12345678

9gr wrote:
scratchieguy12345678 wrote:
9gr wrote:
snip

I know that there's a billion authentication systems out there, I just created this as a way for myself to learn more about HTML and Javascript. I made a topic about it just to show it off.
okay
is this a nodejs repl?

Yes, I'm using Nodejs for the backend.

scratchieguy12345678

I should probably detail how the backend is going to work:

1. The website generates a random, 10 digit long code
2. The website redirects the user to https://goboauth.linearlemur.repl.co/index.html?code=x, x being the code generated
3. The user clicks a button that brings them to the Scratch project
4. The user enters their code into the project
5. The user goes back to Goboauth and clicks “I have finished”
6. Goboauth checks https://clouddata.scratch.mit.edu/logs?projectid=532947328&limit=2&offset=0
7. The keys “verified?” and “username” in a JSON file named “verified?&username” are set to “true” and the username of the user if they're verified
8. The website makes a GET request to “verified?&username” and gets the username of the user if they're verified

Last edited by scratchieguy12345678 (May 24, 2021 13:45:09)

kccuber

scratchieguy12345678 wrote:
airplanedodge wrote:
scratchieguy12345678 wrote:
kccuber wrote:
if you need, i can help with the CSS.

Sure, you can help!
Ok! (sorry, i'm an alt account of @kccuber, i should really add that to my siggy tbh)

Here's the REPL: -removed, please don't share replit collab links-

no thanks, i'll fork the Goboauth repl or something instead of using that link. Also, remove it please.

Made using Nord Theme & Inkscape

scratchieguy12345678

kccuber wrote:
scratchieguy12345678 wrote:
airplanedodge wrote:
scratchieguy12345678 wrote:
kccuber wrote:
if you need, i can help with the CSS.

Sure, you can help!
Ok! (sorry, i'm an alt account of @kccuber, i should really add that to my siggy tbh)

Here's the REPL: -removed, please don't share replit collab links-
no thanks, i'll fork the Goboauth repl or something instead of using that link. Also, remove it please.

Sorry, I didn't know that.

Last edited by scratchieguy12345678 (May 21, 2021 18:16:38)

scratchieguy12345678

bump

gdpr5b78aa4361827f5c2a08d700

because we need another one of these.

anyway pretty cool. i have my own auth system for magnifier (furrycat auth, The Most Blatant FluffyScratch Knockoff Since OAuth™), which i might make public docs for at somepoint, but neat, although why not comments? comment auth=new scratchers.

pls make it look nice.

scratchieguy12345678

potatophant wrote:
because we need another one of these.

anyway pretty cool. i have my own auth system for magnifier (furrycat auth, The Most Blatant FluffyScratch Knockoff Since OAuth™), which i might make public docs for at somepoint, but neat, although why not comments? comment auth=new scratchers.

pls make it look nice.

Thanks! I probably should've used comment auth, it's just that cloud auth was the first thing that came to mind. Also, I'm working on the making it look nice thing, I promise.

gdpr5b78aa4361827f5c2a08d700

scratchieguy12345678 wrote:
potatophant wrote:
because we need another one of these.

anyway pretty cool. i have my own auth system for magnifier (furrycat auth, The Most Blatant FluffyScratch Knockoff Since OAuth™), which i might make public docs for at somepoint, but neat, although why not comments? comment auth=new scratchers.

pls make it look nice.

Thanks! I probably should've used comment auth, it's just that cloud auth was the first thing that came to mind. Also, I'm working on the making it look nice thing, I promise.

very epic poggers

also i doubt anyone cares but

using HtmlAgilityPack;
using Magnifier.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
namespace Magnifier.Models
{
    [Route("api/[controller]")]
    [ApiController]
    public class AuthController : ControllerBase
    {
        private readonly JwtAuthService jwtAuthService;
        private readonly AuthCodeService authCodeService;
        private readonly UserService userService;
        private Uri authProject = new Uri("https://api.scratch.mit.edu/users/furrycat-auth/projects/534514916/comments");
        public AuthController(JwtAuthService _jwtAuthService, AuthCodeService _authCodeService, UserService _userService)
        {
            jwtAuthService = _jwtAuthService;
            authCodeService = _authCodeService;
            userService = _userService;
        }
        [HttpGet("code")]
        public ActionResult GenerateCode()
        {
            string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
            int len = 36;
            Random rnd = new Random();
            StringBuilder b = new StringBuilder(len);
            for (int i = 0; i < len; i++)
            {
                b.Append(chars[rnd.Next(chars.Length)]);
            }
            string result = b.ToString();
            authCodeService.Create(new AuthCode(result));
            return Ok(result);
        }
        [HttpGet("token")]
        public async Task<ActionResult> GetTokenAsync(string code)
        {
            foreach (AuthCode authCode in authCodeService.Get())
            {
                if (authCode.code == code && authCode.hasBeenUsed == false)
                {
                    HttpClient client = new HttpClient();
                    var response = await client.GetAsync(authProject);
                    var data = await response.Content.ReadAsStringAsync();
                    dynamic apiComments = JsonConvert.DeserializeObject<List<ScratchComment>>(data);
                    List<ScratchComment> comments = new List<ScratchComment>();
                    foreach (ScratchComment jsonComment in apiComments)
                    {
                        comments.Add(new ScratchComment(jsonComment.id, jsonComment.content, jsonComment.author, jsonComment.datetime_created));
                    }
                    string token = "";
                    foreach (ScratchComment comment in comments)
                    {
                        if (comment.content == code)
                        {
                            authCodeService.Update(code, new AuthCode(code, true));
                            if (userService.Get(comment.author.username) == null)
                            {
                                userService.Create(new User(comment.author.username, comment.author, comment.author.username == "potatophant"));
                            }
                            token = jwtAuthService.GenerateJwt(code, comment.author.username, comment.author.username == "potatophant");
                        }
                    }
                    if (token == "")
                    {
                        return BadRequest();
                    }
                    else
                    {
                        return Ok(token);
                    }
                }
            }
            return Unauthorized();
        }
        [HttpGet("user")]
        [Authorize]
        public ActionResult GetUser()
        {
            User user = userService.Get(HttpContext.User.Claims.ToList().Find(claim => claim.Type == "username").Value);
            if (user != null)
            {
                return Ok(JsonConvert.SerializeObject(user));
            }
            return NotFound();
        }
    }
}

and yes im aware that code is a mess

Discuss Scratch

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

About

Community

Resources

Legal

Scratch Family

Discuss Scratch

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

Goboauth

About

Community

Resources

Legal

Scratch Family

Sign in