Forum General User Authentication without QuickConnect

Any issues or discussions relating to Unity development are welcome here.

User Authentication without QuickConnect

Postby rif_k » March 25th, 2014, 4:33 pm

I'm trying to wrap my head around the process of user authentication without using QuickConnect. I would appreciate if someone could read through this and tell me if I've got it wrong.

In my scenario, I have an existing user base, maintained by a website. Thus, I would like the users to use their existing login credentials (email, username, password). The application will be a desktop app, not a web app. Pretty much all of the documentation around authentication assumes the scenario is a web app.

Here's how I see it working:
  • Client app prompts for username and password.
  • Client app makes a web request to my site, passing along the user info.
  • Website checks the login info against the database of users.
  • If the user is authorized, the site generates an authorization hash.
  • Client app reads the hash from the request response.
  • Client app uses PlayerIO.Connect, passing along the game ID, connection ID, username, and hash.
  • Client app should now have a PlayerIO Client.

Is this the appropriate technique?

If so, I have a few further questions. With custom authentication, do the players still have access to PayVault and the other player-specific features that would normally be available to Simple users? How are the custom-authenticated users stored in the PlayerIO backend? Are they listed under the QuickConnect admin page like other users?
rif_k
 
Posts: 6
Joined: March 20th, 2014, 12:51 pm

Re: User Authentication without QuickConnect

Postby Henrik » March 25th, 2014, 11:59 pm

Everything in QuickConnect will be moved over to the new Authenticate method. We just didn't have time to finish moving over everything in time for GDC and the release, but we will get it out as soon as possible.

This means that SimpleUsers aren't gone forever, they're still there in most client libraries, and they'll soon be available everywhere again.

What used to be regular Connect with authentication is now Basic Authentication, so you should use that instead of Connect: http://gamesnet.yahoo.com/documentation ... tion/basic

Your flow looks correct otherwise, and your users will have access to everything, regardless of the method you get a client. They just won't be the same users as any that previously registered through SimpleUsers, although there are ways to get around that.

My best advice for you though would be to wait just a little while for SimpleUsers to be available through Authenticate again.
Henrik
.IO
 
Posts: 1880
Joined: January 4th, 2010, 1:53 pm

Re: User Authentication without QuickConnect

Postby rif_k » March 26th, 2014, 12:09 am

I don't want to use SimpleUsers. Whether they're here today and gone tomorrow, I really don't mind. I want to authenticate my own users that are already in a database elsewhere. My mentioning SimpleUsers was only to ask how the PlayerIO system treated non-Simple/QuickUsers in comparison. But I think you answered that by saying the users have access to everything, regardless of connection method. So that's good. But how are the non-Simple users stored in PlayerIO? Are they in the player database? I assume they get a PlayerObject in the BigDB, just like SimpleUsers?
rif_k
 
Posts: 6
Joined: March 20th, 2014, 12:51 pm

Re: User Authentication without QuickConnect

Postby Henrik » March 26th, 2014, 5:28 am

Non-QuickConnect users don't appear in the QuickConnect users database, no.

But they all get PlayerObjects and PayVaults and everything else, it doesn't matter how you authenticate your users, everyone gets that.
Henrik
.IO
 
Posts: 1880
Joined: January 4th, 2010, 1:53 pm


Return to General



cron