question

claytoniousmojo avatar image
claytoniousmojo asked

Remember authentication on subsequent runs?,Restore authenticated session on subsequent runs?

I would like to offer email/password authentication as an option in a PC game. From what I'm seeing so far, it appears that I am forced to make the user re-enter these credentials every time he plays the game. Hopefully I'm wrong about that.

Is there really no way to store some kind of auth token locally so that users don't have to explicitly login again with full credentials via the API on every single session of a game?

I can see some workarounds when using 3rd party auth such as Facebook and Google (since they offer a time-limited but reusable token for this very purpose!), but let's focus for a moment on email/password login on a PC game.

I'm not going to store their password locally to submit it for them, of course. Can I store and reuse something like a session ticket from a past session for X number of days, or anything like that?

The use-case of not needing to prompt your user for login on EVERY run of your game seems extremely basic so I'm hoping this is simply a misunderstanding on my part.

Every major API platform has some way to get a token which has a limited expiry (like 30 days) so that your app doesn't have to prompt the user for credentials on every run of a consuming app. Even amateurish web pages have used cookies and a "remember me" checkbox for decades now. All of these schemes are storing some kind of token locally which is a proxy for a past agreement on credentials, not literally the credentials, of course. This has been done for a VERY long time now.

Are we unable to do this with Playfab?

Any help or further understanding would be much appreciated. Thanks!

,

I would like to offer email/password authentication as an option in a PC game. From what I'm seeing so far, it appears that I am forced to make the user re-enter these credentials every time he plays the game. Hopefully I'm wrong about that.

Is there really no way to store some kind of auth token locally so that users don't have to explicitly login again with full credentials via the API on every single session of a game?

I can see some workarounds when using 3rd party auth such as Facebook and Google (since they offer a time-limited but reusable token for this very purpose!), but let's focus for a moment on email/password login on a PC game.

I'm not going to store their password locally to submit it for them, of course. Can I store and reuse something like a session ticket from a past session for X number of days, or anything like that?

The use-case of not needing to prompt your user for login on EVERY run of your game seems extremely basic so I'm hoping this is simply a misunderstanding on my part.

Every major API platform has some way to get a token which has a limited expiry (like 30 days) so that your app doesn't have to prompt the user for credentials on every run of a consuming app. Even amateurish web pages have used cookies and a "remember me" checkbox for decades now. All of these schemes are storing some kind of token locally which is a proxy for a past agreement on credentials, not literally the credentials, of course. This has been done for a VERY long time now.

Are we unable to do this with Playfab?

Any help or further understanding would be much appreciated. Thanks!

Authentication
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Seth Du avatar image
Seth Du answered

It is by design that the Session Ticket you get from PlayFab will last 24 hours, however there are login APIs that do not need locally storing password. Please check LoginWithCustomID, LoginWithAndroidDeviceID, LoginWithIOSDeviceID. These login APIs are usually used for silent authentication.

In normal circumstance, we suggest using device ID for login considering device ID is unique. In terms of email and password, after you login, you can call AddUsernamePassword to bind email address and password manually so that players can use email address for alternative login and other purposes.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.