Not particularly enthusiastic about rolling my own here.
October 9, 2011 10:31 PM   Subscribe

What's a good framework for a turn-based game server?

I'm looking for something that does the following:

- Authenticates users and requests
- Stores game states
- Accepts reported game turns from clients
- Updates game states with logic I plug in
- Serves game state to clients
- Communicates via http, not TCP sockets
- Is not dependent on client platform

I was thinking of building this on Heroku or Google App Engine to test out some ideas, but now I'm thinking something already exists, but my Googling isn't turning much up that isn't tied to a particular platform. I'd prefer to not have to host anything myself but am open to doing so if, overall, it's a fairly simple thing.
posted by ignignokt to Computers & Internet (9 answers total) 3 users marked this as a favorite
Truthfully, it sounds to me that the features you list are really more the aspects of a generic server framework. Assuming the game states are some sort of complex object that can be turned into something like a dictionary/associative array, you're basically talking about a standard RESTful app that stores data and receives and sends it out in a standard format (almost certainly JSON).

The most complicated part will be the game logic, and that's basically the coding that you'll be adding to this system.

As a Python fan I'm of course biased towards Google App Engine. It already has authentication built in so that's not a concern. It also has built-in tools for storage and data retrieval.

It's possible there's a highly abstracted turn-based game server that you can then plug your own logic into, but it just seems like the logic itself would be so tightly coupled with the concept of a turn itself.

Note that someone asked a similar question on StackOverflow a year ago or so.

Here's a quote from the most helpful answer:
How turn-based game servers are structured and implemented

Like any other server it listens for connections, processes requests and sends responses.

It's quite easy to write a web service which uses JSON / XML. I think this will be the
best and quickest solution to your problem (subjective)!
Good libraries/APIs to use
Though there're several good frameworks and libraries on the desktop side of game programming, I can't think of any "web based" library.
Security concerns and common solutions

Basic Authentifcation and OAuth are two of several possibilities to secure your web service.
Existing open source packages

You already mentioned Ruby on Rails but I recommend Django for it's great documentation to get you started. I built my iPhone webservice around Django Piston, which is a great mini framework.
I've been wanting to Learn Ruby on Rails for other upcoming projects and I'd like to kill two birds with one stone, could this framework work well for implementing a turn-based game server?
Yes, see my answer above.
posted by Deathalicious at 10:45 PM on October 9, 2011

Response by poster: When I imagine this, like you, I do think of the generic JSON-based REST services I've dealt with before. But what I'm hoping for is that something that has been out in the wild that has actually been used for a turn-based game, and as a result, deals with things I haven't thought of. Maybe, though, someone can confirm that it turns out there is nothing particular to games that needs to be handled?
posted by ignignokt at 11:11 PM on October 9, 2011

Probably the key unique concern would be cheating. So your focus would be making sure that the game states, as passed to the server, could not be altered by the player. Beyond that, I would create an abstract Turn object that acted as a wrapper around the standard REST operations, extend it to handle each game (assuming your are implementing more than just one) and then determining exactly how you want to implement the game logic itself.
posted by Deathalicious at 11:43 PM on October 9, 2011

You should also look into cross-posting on GameDev if there aren't more helpful answers here.
posted by Deathalicious at 11:49 PM on October 9, 2011

Response by poster: Thanks, Deathalicious. Looks like the consensus over there, too, is that there is not much special that needs to be done.

Re: Cheating: I figure man-in-the-middle attacks can be ducked by using https and then making sure the request came from an authorized client by having the client pass a hash of some secret key and the data along with the data. Seems good enough.

I'll leave this unresolved in case there's more to be heard.
posted by ignignokt at 12:41 AM on October 10, 2011

ignignokt: "Re: Cheating: I figure man-in-the-middle attacks can be ducked by using https and then making sure the request came from an authorized client by having the client pass a hash of some secret key and the data along with the data. Seems good enough."

I meant cheating in your own game, not hacking someone else's. If any of the game details take place on the client's end, you don't want them to be able to send up a false game state, as in "I just killed a monster worth 1000000000 XP and worth 1000000 gold."
posted by Deathalicious at 5:04 AM on October 10, 2011

Response by poster: Ohh, right. Yup, something to look out for.
posted by ignignokt at 7:30 AM on October 10, 2011

Did you see this FPP on Vassel?
posted by Z303 at 2:18 AM on December 7, 2011

Response by poster: I just did! Thanks!
posted by ignignokt at 8:20 AM on December 7, 2011

« Older feeling responsible for a friend's death   |   Help me find movies similar to this... Newer »
This thread is closed to new comments.