Any time your player exits the server, whether from self logout, server reset, or inactivity, your player profile is saved through the Web API located on delaford.com.
The Web API is in the /website part of the Repository and part of the is the AuthController.
When players login, we use JWT tokens to authenticate player sessions. Any subsequent calls need to use the JWT token to the assigned player ID to be able to perform an API call.
We are currently using the tymon/jwt-auth for JWT tokens.
To be able to play the game, you do not need to download the /website repository and make use of these JWT tokens. The /game repository provides their own JSON player profile, located in server/core/data/helpers/player.json, so you can play as a Guest and quickly get into the game using that data.