Is it okay to make a whitelisting system for an asset? such as making your script like API with a specific key to input to use its features.
Because of how the update of making the Modulescript not allowed to require if it’s not publicly opened in the Marketplace, this allows me to recreate my whole MainModule to not leak my source code if a user uses my asset and requires my MainModule and puts there certain key?.
Is there a way to make a whitelist system that can’t be read publicly but can still make the asset work as intended?
For example:
- A shop system that has certain features.
- A client wants it, and the owner gives the key (or the client gives his/her userID as a key)
- the
whitelistsystem checks the key and validates it. - if it’s ok to use, then the shop system requests some features with ease.
- if not, then the shop system will halt its process.
What I want to make is a secure whitelist system with hidden source code yet safe so that the client has the trust to use my assets.
Currently, I am using Github to store the valid user-ids to and module scripts. Then the problem is they can be seen by anyone because it’s a public sources. I don’t want other people to copy and rework my assets and use them and produce them on their own.
I am currently researching this and came across with API Key in Creator Dashboard and I must say, I don’t know if it was compatible with my problem.