Home/ Questions/Q 8814755
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T04:12:32+00:00

I am trying to implement an authentication system using C++/QtTcpSocket for a personal project

  • 0

I am trying to implement an authentication system using C++/QtTcpSocket for a personal project (A Multiplayer Chess Game).

My friend suggested a method for verifying a user but I wanted to ask if there was an easier or better way. Coming from a Python background and mostly doing this project to develop a deeper understanding of C++.

I will post the method my friend suggested and ask for maybe a better solution.

He built it in a kind of pseudo code fashion. The server is mostly built, I am now hoping to implement Authentication

*cheers

void process_packet(PACKET *pkt)
{
    switch(pkt->PacketID)
    {
        case 0: // let's say packet id 0 is the logon packet; packet contents are username and password
        {
            //let's say packet size is 101 bytes; packet id was already received, so get the other 100 bytes
            unsigned char BUFFER[101] = {0}; // i always add an extra byte to the end of the buffer to allow for off-by-one errors ^_^

            int result = recv_packet(pkt->cSocket, 100, BUFFER);

            if(result <= 0)
                return; // connection error; no packet data was received

            unsigned char *UserName = BUFFER+0; //+0 is not neccessary, but the username starts at the beginning. just getting the point across.
            unsigned char *PassWord = BUFFER+50;

            //side note: if we did "unsigned long *blah = BUFFER+4" or something, we would have to make sure the byte order is right. network byte order is BIG ENDIAN
            //  WINDOWS byte order is LITTLE ENDIAN

            result = QueryDatabase("SELECT username, password FROM chess_players WHERE username = '%s'", FILTER_INVALID_CHARS(UserName));

            // check result

            unsigned char ServerResponse[2] = {0};

            if(result['password'] == PassWord)
            {
                ServerResponse[0] = 1; // packet id will be 1. the next byte can be 1 or 0 to indicate logon success or failure.
                ServerResponse[1] = true; // so packet 0x0101 mean logon success, packet 0x0100 means logon failure
                send_packet(pkt->cSocket, ServerResponse, 2);
            } else {

                ServerResponse[0] = 1;
                ServerResponse[1] = false;
                send_packet(pkt->cSocket, ServerResponse, 2);
            }
        }
        break;

        default:
        {
            // received an unknown packet id; send a packet to the client that indicates an error_status_t

            unsigned char *ServerResponse[2] = {0};
            ServerResponse[0] = 2; // packet id 2 means server error
            ServerResponse[1] = 0; // error code 0 means 'unknown packet id'

            send_packet(pkt_cSocket, ServerResponse, 2);
        }
        break;
    }

    delete pkt; // must delete pkt, was created with 'new' in get_client_packets()
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you have followed the fortune client/server examples, you should have a QTcpServer (Rfserver) with a QThread subclass (Rfdevice, its instance variable is called thread in the following code) that contains a QTcpSocket (listenSocket).

    Having said that, in your server class, listen for incoming connections, my setup looks like this:

    void Rfserver::incomingConnection(int socketDescriptor){
    if(thread){ //if thread exists, there is probably still an open connection
        if(thread->listenSocket){//if thread exists and the listenSocket is filled, there is definately an open connection
            if(thread->listenSocket->state() == QAbstractSocket::UnconnectedState){ 
                //but alas, it could just be in the unconnected state, if so kill it.
                this->disconnect();
                thread->terminate();
                thread=0;
                connected=false;
            }//otherwise, do nothing, because the software is happily connected to a device
        }
    }
    if(!thread){    //if no thread exists, we are by no means connected
        thread = new rfdevice(socketDescriptor, this); //set up a new thread
        //this first connection communicates the string from your socket to the server parent...use it if you want.
        connect( thread, SIGNAL(RemoteButton(QString)),this,SLOT(remoteButton(QString)),Qt::BlockingQueuedConnection); 
        connect( thread, SIGNAL(error(QTcpSocket::SocketError)),this,SLOT(tcpError(QTcpSocket::SocketError)),Qt::AutoConnection);
        connect( thread, SIGNAL(finished()), this, SLOT(threadZero())); //I have a threadZero function that deletes all the data then schedules the socket for deletion.
        thread->start(); 
        connected=true;
        QString *welcome = new QString("Enter your password:\r\n");
        echoCommand(welcome); //this is a function you will implement that sends the welcome message to the pending device.
    }
}

    Okay, so now, when a device tries to connect to the server the device is presented with "Enter your password:\r\n". Your device will respond to this with a password and username perhaps. But the Qt side of things would look like this:

    /*
 FUNCTION:read
    this is a polling runloop that listens for data as long as the socket is connected or connecting.  If a
 write is ever scheduled, it will be called from this runloop..
 */
void Rfdevice::read(void){
    while((listenSocket->state() == QAbstractSocket::ConnectedState) || (listenSocket->state() == QAbstractSocket::ConnectingState)){
        //if there is data available to send write it to the socket
        if(dataToSend) this->write();
        if(listenSocket->waitForReadyRead(50)) readBytes(); 
        //wait for 50ms for data from the device
        //if there is ever data available to be read, read it.
    }
}

    Your device responds with a username/password in the format username---password\r\n. Then the socket does this:

    /*
FUNCTION:readBytes
this is like a callback function because it only gets called when there is data available for read.
It basically converts the data to a string.
 */
void Rfdevice::readBytes(void){
    QByteArray newData;
    newData = listenSocket->readAll();
    QString *recieved = new QString(newData);
    QStringList userAndPass = recieved.split("---");//this is your delimiter
    QString username = userAndPass.at(0);
    QString password = userAndPass.at(1);

    //NOW, check the username and password vs your SQL or wherever it's saved.

}

    The pseudo-code is pretty complete on the particulars. Hopefully you can put it all together! Let me know if you need more code.

    • 0