Side note: The “Server whitelist” is important for its own sake. Why?
-
Security: Every time the matchmaker backend creates a successful match, it should generate one “join token” for each player. It should send said token only to the client who needs it. The matchmaker backend will then forward those player GUIDs + tokens to the game server, which would then authenticate all joining players. How? Clients (when joining) can then send their own GUID + token via client RPC. The server will kick all invalid RPCs, and kick players who do not provide the aforementioned RPC within a time limit.
-
This prevents both malicious and accidental joins.*
-
Correctness: Accidental joins can happen in a few cases:
-
You may have a mechanic that automatically attempts to reconnect a player if they DC from the game. If we assume this flow takes roughly 30 seconds, you could have a situation where this players match has finished, and a new match has started on that server. In this case, you do NOT want the re-joining player to be allowed into that match. The above whitelist will correctly kick said player. You may think that the reconnecting player should check with the matchmaking backend FIRST (to confirm that said match is still live before re-joining), but the game server is the authority over the match itself, so doing it the other way around is better.
-
E.g. Attempt to re-join. If it succeeds, fine. If it fails, check match status with the matchmaking backend. If the match is finished, fine, otherwise, attempt to re-join the game server until success.*
-
If your matchmaking backend has a bug, you may erroneously attempt to connect multiple sets of players to a single game server. The game server whitelist communication event can be used to raise errors, for dashboard tracking, allowing you to identify these issues even if players do not report them.
-
Example log: “I (the game server) have not yet finished this match, but the matchmaker is requesting I start a new match with a new whitelist. Returning error XXX to matchmaking backend, and continuing this match until completion!”*
I’ve seen both of the above issues show up in live games over the years (in prod).