What would prevent a player from joining a match that he isn't a part of?
This is for servers 2.0. Suppose matchmaking finds a match for some set of players. Then one of those players shares the IP/port with his friend, who isn't in the match.
It seems like the friend can now, with a hacked client, connect to the match by connecting directly to that IP/port.
How can the server know that the friend doesn't belong in the match?
Legacy matchmaking had RedeemMatchmakerTicket (
https://api.playfab.com/documentation/server/method/RedeemMatchmakerTicket) to ensure that the player belonged in the match.
Does server 2.0 have anything comparable?
Best Answer
Hi Brent, according to the new Server 2.0 architecture, it seems that if a hacked client has the IP/port info then it can connect to the server without any verifications, there is nothing server 2.0 can do to stop it. However, you may need to do some authentication logic by yourself like requiring the player to provide some identities when connecting so that the game server could verify them. For example, you require the clients to send sessionTicket to your server and then use AuthenticateSessionTicket to validate the player, if the player is not in the match, kick/ban the player. The basic idea I think is to do verification works before connections.
For us, at least, our game server doesn't allow any more than the max number of connections for a selected Game Mode. For example, if the server is in 1v1 mode, any connections after the second connection will be dropped.
However, you could go the route of using something like GetMatch() and only allowing connections with the players returned in the GetMatch() result.
Makes sense, thanks for sharing! although it still seems to me that a player can just say "I'm so-and-so" and we wouldn't have any way to verify that without some kind of ticket
True, although maybe you could get the GetMatchResult from each player and ensure that the members in each result are the same as the connecting members, and if not you could kick/ban the players
