I need some basic user account system, as I’m building some custom VR apps (that won’t go through any app store) for a local company, but I need to make sure they won’t make a thousand copies of them and give them to other companies. So lets say, it only runs the app when wifi is connected, and checks with a server to make sure the username password is valid and the copy is within the allowed number of copies for that account.
I’m not sure what to look for with that description. Any clues?
This is less a Unity question and more a general development question.
And most of the work will be on your server side. You’ll need to setup a server with a database of known users as well as a web service that your Unity application/game can communicate with securely (should be behind https or some other encryption since passwords are involved). Don’t forget to hash those passwords in the database.
You may also want to have a portal that lets your users login through a browser to check the status of their account and change their password…
Then all you do on the client side is on startup submit the credentials to the server (hash the pw on the client side incase something steals that data between client and server). Validate on the server (check pw, check user count, etc) and return a success/fail closing the application if it fails.
…
This is your simplest setup and a hacker could definitely step around this simply either by hacking the source code and or even just setting up a local fake web service and telling its local DNS to point your web address to that instead.
But it’s a basic start for now.
From there you would start upping your security game. To cover the exploits that could be made against your design.
In the end the rule is this:
Everything on the client side is vulnerable and considered insecure.
You are right, this is more of a general development question, and at this point I don’t have the budget to implement it from scratch, so I’m ready to buy a turnkey solution to simply hook in the app. Is there something of that kind you are aware of?