Add a version gate endpoint so that third-party applications can know what it's set to.

Possibly an extension of #10

An unknown issue is causing "Invalid username." errors when authenticating to game servers.

The common thing about most cases so far is EA username changes. If so, presumably, the Origin API is not returning the correct username anymore? (edit: that might have been a red herring; the common thing now seems to be the sp campaign, and in all cases, atlas is getting the correct username)

https://discord.com/channels/941433221093130270/1045455136169934938

Update: This is primarily a launcher bug; see #15 (comment).

I know docs are in the works but we should at least already have a basic README that says what Atlas is, i.e. MasterServer for Northstar.

We should split up the version gate for servers and clients.

In particular in our current setup, updating a client is much easier than a server (assuming mod-manager). At the same time most vulnerabilities we had to patch and version gate for were on client. As such, we should selectively version gate so that we don't force servers to update where they don't have to.

Another use-case is changes that break backwards compatibility. For example, R2Northstar/NorthstarLauncher#408 will break compatibility with old clients when joining newer servers but newer clients can still play on old servers. As such, it would make sense to version gate only client here.

On Vanilla, clients grab playlists_v2 from Stryder, which contains the gamemodes, maps, etc. as well as localisation for these.

It would be useful for clients to be able to request some localisation document from Atlas. This could be used for displaying localised error messages, mainmenupromos, or potentially even lobby announcements.

In particular:

• Support run-time reloading of more config vars.
• Make it more modular and readable.
• Document more.
• Display more status info at startup.

Continued from R2Northstar/NorthstarMasterServer#84.

Should include:

• Sample config files.
• Supported platforms.
• Recommended production settings.
• Maintenance, backup, and restore instructions.

Atlas should be able to detect mismatches between the gameserver auth/game ports to ease troubleshooting configuration issues since currently, a mismatched auth/game port will cause odd authentication errors to be given to players upon connection.

R2Northstar/NorthstarLauncher#345

Having a system to identify a server without impersonation would allow a "favorite server" system.

I'd propose a system inspired by tripcodes often used in imageboards:

1. A Gameserver sends, when registering itself to the Masterserver, an optional tripcode (or password, etc)
2. The Masterserver hashes this input and confirms it's unique
3. When requesting the server list, the hashed tripcode is included as server information

Similar to /client/mainmenupromos, we should have an endpoint for general northstar announcements that show in the multiplayer lobby on clients.

Current NorthstarMods PR:

R2Northstar/NorthstarMods#699

This PR currently attempts to fetch the data from /client/announcement. It currently expects the response body to be JSON in the following format. All of this is easily able to be changed.

{
    "announcement": "Hello, this is an announcement",
    "announcementVersion": "3"
}

When making a new announcement, announcementVersion must be incremented. Not a lot I can do to get around this, since that's how the vanilla game detects new announcements to display.

Should include stuff about:

• Scope.
• Code review.
• An overview of the code.
• Using pprof.
• Running and configuring development instances.

Probably should also add a no-cgo build to make things easier for Windows users.

Origin -> EA Desktop...

Hetzner US IPs are currently being mapped to Europe, e.g. 5.161.77.0/24, which should be Ashburn.

As a temporary workaround until the @ip2location databases are fixed, Atlas should support overriding the region for IP ranges.

Required for feature parity with the old server, also supersedes R2Northstar/NorthstarMasterServer#66.

Eventually, we want to run Atlas on its own subdomain, putting the website on GitHub Pages or something similar.

Statement of the issue

We currently have no way to verify the identity of an http request made by a client.
A system that allows 3rd party HTTP servers to know if an HTTP request was made by a genuine player would be great.

Use case

For Tone API, this would allow players to authenticate with our backend.
This would mean we can create per-player settings on the backend, and allow players to edit them using a client mod.

We would also be able to let users link their UID with Discord (using a client mod and a discord bot for example)
Linking UIDs with Discord users would mean being able to login through our website (using Oauth2) and change settings.
It would also facilitate fetching one user's stats from the discord bot, or even change settings through the bot.

Proposal

I'd suggest to use a token-based authentication system

1. client logins to masterserver, mastserver gives a token to the client
2. client sends an HTTP request containing the token to a 3rd party HTTP server
3. 3rd party server checks authenticity of token with masterserver using an HTTP request

Informations the masterserver could return :

• if the token is genuine or not
• token owner UID
• token expiration date.

TODO