PAUTH is the authentication app for Palomino. It handles three authentication methods:
Garry's Mod cleints are sent a challenge code generated by an authenticated gameserver after selecting a character. Game clients send this code to PAUTH and receive a JWT token. From then on, they can make requests to PAPI. All of this is done in the background, without player input.
Game Servers authenticate using a private key, and receive a JWT token for use with PAUTH. They can then use this code to make requests to PAPI.
This is the most straightforward authentication method. We use the Passport library to have the users login through Steam. Then, we fetch the corresponding SteamID's characters from the MySQL database and have them select one.