is_public flag in Boundlexx maps to the
public property that is returned by Sovereign worlds in the game API. That value is in turn is determined by the global “Can Visit” on Sovereign worlds in the World Control. For Homeworlds, Exoworlds and Creative worlds,
public is never returned so I always assume they are public.
That is part of a feature set I would love to do if I can get game auth integrated in to Boundlexx, but that is currently not easy to do in a secure and “trustful” way. The Boundless Accounts SSO server is designed to only work with the forums and the game servers so I can make my own login page that can send the credentials you give to the Boundless Accounts server to auth, but I still have to accept your credentials, which is not ideal. I would need an OAuth or similar open SSO implementation so I could send the user to the Boundless Account server to auth and then send the user back to me after they are done.
There is no actual way to tell from a user that they own a world, but I could block their Boundlexx account in the case of abuse. Boundless auth integration would help stop some abuse that I rather not have to deal with:
- Does this person actually own Boundless?
- What stops the user from just making another Boundlexx account if they abuse it?
Some of the things I have thought of implementing if users actually had accounts:
- Customized notifications (push/Discord notification for things like change in shop item prices, etc.)
- Obviously access to the worlds they own even if they are private
- Automated control over managing forum posts for worlds you own