HTML5 how to restrict access to HTML5 game on website

shmurl

Member
Perhaps this is more of a WordPress question rather than a GameMaker question, but I'm not sure where to get guidance for this. Hopefully, it falls within the rules of this forum...

I want to restrict some of the games on my site (torahgames.org) for paying members only.
I recently installed MemberPress plugin on my wordpress website.
It works well, there’s an option on blog posts or pages to only allow members to view, etc (e.g. I’ve restricted access to https://torahgames.org/alefbeisfamily/ )

I was wondering how to also do this with a url.

In other words, I uploaded to my site via FTP.
To play the game I use the url – torahgames.org/wp-content/games/alefbeisfamily/index.html
Is it possible to restrict access to the game/url to logged in (paying) members only?
If yes, what’s the best way of doing this (via memberpress plugin or any other method)?

TIA!
 
Last edited:

NightFrost

Member
Well, I don't know how WordPress does this specifically but the basic idea is, you have to set access to the webpage to require a login. You'd do that through whatever administrative tools the platform gives you, or by changing the code if you're working on that level. I would imagine WP (which incidentally is estimated to power about 40% of all webpages) has a dedicated admin config tool for setting access levels to a site's pages.
 

shmurl

Member
Thanks.
I am able to require login to the webpage.
I put a link to the game on the webpage.
If someone were to copy the url of the game, they wouldn't need to login to the webpage as they could just access the game using the url.
I want to prevent that from happening.
 

NightFrost

Member
If someone were to copy the url of the game, they wouldn't need to login to the webpage as they could just access the game using the url.
Yes, if the page is set to require login, it will redirect to login if someone attempts to access it directly. That's how authentication works on websites; if the page is set to require an authenticated user, it cannot be accessed until authentication has been performed, and instead redirects to whatever resource unauthenticated users get redirected to (usually a login page).
google about .htpasswd
WP has a heavy-duty user/login system built in no doubt, so I think it would be best to work with the (well-tested and hardened) system instead of building one's own. Easier too, as I assume OP doesn't have much experience in building websites, given the question.
 

Binsk

Member
You could also try having the game itself check login details. Two benefits about this:

1. Access method doesn't matter, they must be logged in. Use a 1-time key or something for automatic login on your site.

2. If the files get hosted elsewhere the game will fail to log in unless you explicitly support the required pre-flight check for external communication.
 

shmurl

Member
Yes, if the page is set to require login, it will redirect to login if someone attempts to access it directly. That's how authentication works on websites; if the page is set to require an authenticated user, it cannot be accessed until authentication has been performed, and instead redirects to whatever resource unauthenticated users get redirected to (usually a login page).

WP has a heavy-duty user/login system built in no doubt, so I think it would be best to work with the (well-tested and hardened) system instead of building one's own. Easier too, as I assume OP doesn't have much experience in building websites, given the question.
The page is set to require login, but the URL linked on that page - does not.
I do not have much experience in building websites. Learning as I go. With the help of google and people like you :)
I have no problem using WP built in system, except I only know how to use that to require login on a page or post on my site. (plus, I'd like to automate the payment process and I haven't seen that option on the built in login system)
 

shmurl

Member
You could also try having the game itself check login details. Two benefits about this:

1. Access method doesn't matter, they must be logged in. Use a 1-time key or something for automatic login on your site.

2. If the files get hosted elsewhere the game will fail to log in unless you explicitly support the required pre-flight check for external communication.
Will look into this also.
Thanks very much!
 
Top