Now we have people playing the game, it’s a good time to explain what happens with your facebook data in more detail. Given the nature of the project it’s important for us to make this clear. Here is a diagram I’ve prepared for the presentation we are giving at Piksel at the weeked:
On the left is the naked on pluto server, the machine in the middle is your computer running the client in the browser, and on the right is facebook’s server.
The first thing to notice is that the NoP server doesn’t ever communicate with facebook directly. The other thing to notice is that we never write anything to your facebook account.
The client only passes your name and facebook ID number to the server, where it gets incorporated into the game world. This information is considered public by facebook so it’s a usual thing to do. We use it to pass back to other players, so they can see who else is playing. The facebook ID is used to get the right icon for the players, but we also use it to find the player’s in-game entity when they log in (they are unique – so two people with the same name can play).
All the other information you can see – your friends and their data, is displayed by your client based on the data read by your machine from facebook. None of this gets passed to our server or other players.
Originally blogged on the NoP site here.