question

Kim Strasser avatar image
Kim Strasser asked

Is it necessary to do something in the client if the player changes his password?

I use PlayFabClientAPI.SendAccountRecoveryEmail in the client code if the player wants to change his password.

Is it necessary to do something in the client(log out and log in again?) if the player changes his password while he is logged in his PlayFab account?

Is it possible that the player could be logged in simultaneously with more than one device? What happens if the player changes is password in this moment?

Is it necessary to do something in the client code after the player changed his password?

Account Management
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

2 Answers

·
Citrus Yan avatar image
Citrus Yan answered

@Kim Strasser

>>How can I log out the player (clear the session ticket in the client) on a device?

In the Unity SDK, you can use the ForgetAllCredentials helper function to null the session ticket, other SDK should have a similar function.

>>Is it better to log out the player before I call await EmailRecovery();?

It's better to log out the player after calling EmailRecovery() since you still need the session ticket to make the SendAccountRecoveryEmailAsync call.

>>When should I log in the player again? Should I make the log in call after await EmailRecovery();?

As I see it, a basic logic is that when the player asked to change his password (email sent), your game client should take him back to the login interface for him to log in again.

>>How can I log out all the devices after the player called PlayFabClientAPI.SendAccountRecoveryEmail?

You should figure out a way to notify those devices and have them clear their session tickets. However, this seems a little bit tricky.

>>Which API call should I use to log in the player again? Should I use PlayFabClientAPI.LoginWithPlayFab or PlayFabClientAPI.LoginWithIOSDeviceID?

It depends, they both work as long as they are all linked to the same master account.

2 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Kim Strasser avatar image Kim Strasser commented ·

Is it possible to execute somehow some code right after this PlayStream event happens? For example, is it possible to call PlayFabClientAPI.ForgetAllCredentials(); in the client code to log out the player's device(s) after this PlayStream event happened?

I get this PlayStream event after the player updated his password in the reset link that was sent to his login email address with SendAccountRecoveryEmail.

0 Likes 0 ·
bildschirmfoto-2019-11-01-um-220247.png (31.9 KiB)
Citrus Yan avatar image Citrus Yan Kim Strasser commented ·

PlayStream events happen on the PlayFab server side, you'll need to inform the client about it first and then execute some code. The best way to implement it would be using the PubSub feature PlayFab offers, this allows clients to subscribe to certain topics and be notified of events remotely. It's currently in Private Preview, If you are interested in trying it, please contact us at helloplayfab@microsoft.com.

0 Likes 0 ·
Citrus Yan avatar image
Citrus Yan answered

Hi @Kim Strasser,

>> Is it necessary to do something in the client(log out and log in again?) if the player changes his password while he is logged in his PlayFab account?

It’s safer to log out the player (clear the session ticket in the client so that he cannot make subsequent calls )when he wants to change his password no matter he changes it or not eventually.

>> Is it possible that the player could be logged in simultaneously with more than one device? What happens if the player changes his password in this moment?

Yes, it’s possible. PlayFab is a stateless service, which means that a player can access it as long as a session ticket is valid. So if multiple devices have the session ticket received from the login call, all of them are able to make subsequent calls, acting like they are all logged in.

If the player changes his password at this moment, previously logged-in devices won’t be affected (the session tickets are still available ), meaning that they are still able to make subsequent calls. For upcoming login calls, you will need to provide a newly created password.

>>Is it necessary to do something in the client code after the player changed his password?

Simply log the player out (clear the session ticket in the client) when he wants to change his password and ask him to log in again after he changed it (it’s possible that he didn’t change it, but still, ask him to log in again).

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Kim Strasser avatar image Kim Strasser commented ·

How can I log out the player (clear the session ticket in the client) on a device? Is it better to log out the player before I call await EmailRecovery();?

When should I log in the player again? Should I make the log in call after await EmailRecovery();?

My client code:

public async void EmailRecoveryPlayFabAccount()
{
    await EmailRecovery();
// log in again here?
}

private async Task EmailRecovery()
{
    var resultupdate = await PlayFabClientAPI.SendAccountRecoveryEmailAsync(new PlayFab.ClientModels.SendAccountRecoveryEmailRequest
    {
        TitleId = "BFD0A",
        Email = Email
    });

    if (resultupdate.Error != null)


    else
      // Password updated
}
If the player changes his password at this moment, previously logged-in devices won’t be affected (the session tickets are still available ), meaning that they are still able to make subsequent calls. For upcoming login calls, you will need to provide a newly created password.

How can I log out all the devices after the player called PlayFabClientAPI.SendAccountRecoveryEmail?

Which API call should I use to log in the player again? Should I use PlayFabClientAPI.LoginWithPlayFab or PlayFabClientAPI.LoginWithIOSDeviceID?

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.