Hook into Connect before Login

[Void*]

Is it possible for us to hook into the initial client connection, before the user tries to logon? Alternatively, are anonymous extension calls to the Zone supported?

I'd like to do some key-exchange for ECDH with the client before they send their login credentials.

[Lapo]

Hi,
no sorry there isn't a mechanism to invoke Extension prior to having logged in. It would open a whole pandora's box of security exploits and attacks.
The only allowed interaction is the login request.

Cheers

[Void*]

No problem - thanks for your response

[SmartfoxEnjoyer]

Hi, I had this same issue, now I just login as guest into a separate Zone/Extension called GuestExtension/GuestZone. Then I send my requests and as soon as server has sent the response, I disconnect the guest.

So for every request (before login as user) I do this:

1.Connect as Guest
2. Send request fom client
3. Receive request on server
4. Send response from server to client
5. Server disconnect that guest
6. Client receives response and disconnection notice.

I use a GuestConnection for RequestServerList, InitialJoinServer(Server has to validate (not full, active, etc), SignUp, Activate Account.

Hope that helps you!

Cheers

EDIT: This may be susceptible to flooding/DDOS attempts by guest connections, so you have to do some checks on server side to temporarily ban IPs if they send too many guest requests in a short amount of time.