question

Darius Vu avatar image
Darius Vu asked

The question about the confirmation email for forgot password in the app!

Dear Support Team,

I want to develop the function "forgot password" in my app using Unity. I am referring this tutorial to implement it.

https://docs.microsoft.com/en-us/gaming/playfab/features/engagement/emails/using-email-templates-to-send-an-account-recovery-email

But I have the problem in Step 6 - Reset the player's password. I use the app made by using Unity and it doesn't have the callback URL in order that users fill out the form with a new password.

In my solution, I want to do like this follow:

- User click on "Reset password button".

- The confirmation email is sent to user's contact email that they signed up.

- User clicks the "confirmationURL" in the email.

- The app can detect the user clicks or not the "confirmationURL" to verify.

- If user clicked on the "confirmationURL" then they can re-set the password. Other way, they cannot re-set the password until the click confirmation.

So could you tell me how to know and verify that an user clicked or not the "confirmationURL"? Or do you have other method to reset the password for app using Unity?

Thank you so much for your support!

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Sarah Zhang avatar image
Sarah Zhang answered

For clarification, to complete such workflows of “resetting password”, you at least need to implement the following steps.

  1. Implement a password input field that players can enter the new password in it, and implement a button that players can use it to send a resetting password request.
  2. Implement a custom server to receive the player’s resetting password request then call the PlayFab Admin API ResetPassword.
  3. To use the Admin API ResetPassword to reset the password, the required fields Password and Token is needed. So you also need to get the corresponding resetting Token. The token will be attached to the URL when PlayFab sends the recovery emails.

The API of the resetting password request isn’t implemented by PlayFab, it needs to be implemented by title developers selves. Then this request would trigger the server call the PlayFab Admin API ResetPassword. So if you want to implement the “resetting password” programmatically, a custom server is necessary. As long as you ensure the token verification logic is on the custom server, you can implement the password input field in Unity or Web form either. They can both send the Http request to your custom API.

If you don’t want to make a custom server and a web form, you would need to reset the password for players manually. Players can send the resetting password emails to the title developer. The title developer does the token verification, then reset the password using an administrative tool. For this case, you can get the token from the context of auth_token_validated event. This tutorial’s Step 5 - Check that the email was sent mentions this point. You can use this event to trigger a CloudScript function to store the token as the Player Internal Data for the administrator to use.

5 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Darius Vu avatar image Darius Vu commented ·

Hi Sarah Zhang,

Thank you so much for your support.

Could you tell me the function (API method) to get auth_token_validated event in Unity? I made already the UI in my app for reset password. But now the problem is I don't know how to verify that the user clicked an verification email or not. As you said, I can use auth_token_validated event to verify it, right?

0 Likes 0 ·
Sarah Zhang avatar image Sarah Zhang Darius Vu commented ·

In this resetting password workflow, administrative tools, or custom servers are necessary. You can't get the auth_token_validated event in Unity Client. You can only use this PlayStreamEvent to trigger a CloudScript function or a function using Azure Functions to store the event info to the Player Internal Data. Administrative tools or custom servers need to request the get data function, such as GetUserInternalData, to check the stored info.

The possible steps would be something like this.

  1. Write a custom CloudScript function -- "storeToken", to save the Token to the player's internal data.
  2. Create a PlayFab Rule, such as “StoreResettingToken”, choose the Event Type as “com.playfab.auth_token_validated”, set the action as "Execute CloudScript", choose function "storeToken".
  3. Administrative tools call GetUserInternalData to check the stored info.
0 Likes 0 ·
Darius Vu avatar image Darius Vu Sarah Zhang commented ·

Thank you Sarah so much. But it is great if we have the tutorial for that - resetting password in Unity. I think that many people need to do it in their projects.

0 Likes 0 ·
Show more comments

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.