For example, I have a login server where all players use their LoginName + Password. After that, the LoginServer will redirect the client to the appropriate game server, so what should the client use to connect to that new internal server? (Obviously not LoginName + Password, but what then?)
For example, what is used to make a Steam account automatically reconnect without re-entering login name + password?
Obviously I should use some kind of key-based authentication, but how should I create and use that key?
UPD1: in Steam it's called “Session Key”; now I have to discover how to create/generate that key and then how to use it to connect to the game server. I think I can find what I need inside “UE4->OnlineSubsystemSteam”.
UPD2: I found that in UE4 it's called “Token” and is obtained inside “FOnlineIdentitySteam::GetAuthToken”, represented as an FString. But anyway there is nothing about “How to generate/create that Token”. I suppose only Gabe Newell knows, or maybe you know?
UPD3: my guess:
Connection using UserName+Password:
1. Client establishes an encrypted connection with LoginServer, using SSL, RSA etc.
2. LoginServer generates a new OneTimePublicToken.
3. LoginServer generates a new SessionPrivateToken.
4. Client sends encrypted LoginName+Password to LoginServer.
5. LoginServer sends encrypted (OneTimePublicToken+AccountInfo+GameServerInfo+SessionPrivateToken) to Client.
6. Client connects to GameServer using the unencrypted OneTimePublicToken. OneTimePublicToken is not valid anymore.
7. Now GameServer needs to identify itself and that's it.
Reconnection using SessionPrivateToken (we need to receive new PublicToken):
1. Client establishes an encrypted connection with LoginServer, using SSL, RSA etc.
2. LoginServer generates a new OneTimePublicToken.
3. Client sends encrypted SessionPrivateToken to LoginServer.
4. LoginServer sends encrypted (OneTimePublicToken+AccountInfo+GameServerInfo) to Client.
5. Client connects to GameServer using the unencrypted OneTimePublicToken. OneTimePublicToken is not valid anymore.
6. Now GameServer needs to identify itself and that's it.
The main question: maybe UE4 already has something like this?
UPD4: version 2 without PublicToken:
Connection using UserName+Password:
1. Client establishes an encrypted connection with LoginServer, using SSL, RSA etc.
2. LoginServer generates a new SessionPrivateToken and associates it with the IP address or Client machine state.
3. Client sends encrypted LoginName+Password to LoginServer.
4. LoginServer sends encrypted (AccountInfo+GameServerInfo+SessionPrivateToken) to Client.
5. Client connects to GameServer.
6. GameServer checks if there is any such IP address and any ServerPrivateToken associated with it. If found then…
7. GameServer accepts the Client's encrypted connection using SSL, RSA etc.
8. Client sends encrypted ServerPrivateToken+AccountID to GameServer.
Reconnection using SessionPrivateToken: repeat (5)-(8).
I think SessionPrivateToken is generated using something like SHA1(RandomNumber).
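
An added example, not part of the original post and not UE4 or Steam code: one way to issue and check the two tokens from the UPD3 flow. It assumes tokens are drawn directly from the OS CSPRNG (rather than SHA1 of a random number) and that only their SHA-256 digests are stored; `TokenStore`, the TTL values and the account id are hypothetical names chosen for illustration.

```python
import hashlib
import secrets
import time

TICKET_TTL = 30          # seconds a one-time ticket stays valid (assumed value)
SESSION_TTL = 7 * 86400  # lifetime of the reconnect token (assumed value)


def _digest(token: str) -> str:
    # Only the hash is stored, so a leaked server table holds no usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()


class TokenStore:
    """Hypothetical store shared by LoginServer and GameServer (in-memory here)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._tickets = {}   # sha256(ticket) -> (account_id, expires_at)
        self._sessions = {}  # sha256(session token) -> (account_id, expires_at)

    def _issue(self, table, account_id, ttl):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        table[_digest(token)] = (account_id, self._clock() + ttl)
        return token

    def login(self, account_id):
        """Called after the password check: returns (one_time_ticket, session_token)."""
        return (self._issue(self._tickets, account_id, TICKET_TTL),
                self._issue(self._sessions, account_id, SESSION_TTL))

    def reconnect(self, session_token):
        """Exchange a valid session token for a fresh one-time ticket, else None."""
        entry = self._sessions.get(_digest(session_token))
        if entry is None or entry[1] < self._clock():
            return None
        return self._issue(self._tickets, entry[0], TICKET_TTL)

    def redeem_ticket(self, ticket):
        """GameServer side: a ticket works exactly once; returns account_id or None."""
        entry = self._tickets.pop(_digest(ticket), None)  # pop enforces single use
        if entry is None or entry[1] < self._clock():
            return None
        return entry[0]
```

The one-time ticket is the only value that reaches the GameServer, so the long-lived session token is presented to the LoginServer alone.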