I am working on a client-server application where a user logs in and has the option to play and answer questions. The user can answer as many questions as he can in 60 seconds. So, basically, I need to keep track of the timer. There are two approaches; one approach is to start and end the timer on the client and the other is to do it on the server. My questions are:
If we do it on the client, then the user can somehow hack it. Also, what if the internet connection breaks? How can I handle that?
If we do it on the server, then would it be right as far as performance is concerned? What if there are millions of people playing at the same time? The server would have to keep track of every users' timer and use sockets to notify them. Again what happens if the internet connection is lost? The server while sending message to all the socket channels would also have to keep track if it has received a feedback or not, if not, the server would have to retry sending the timeout message
What would be the appropriate approach here?