Hi all,
I'm new to PlayFab and I'm trying to set up a fairly lightweight POC.
Imagine that in my game, there are 10 levels. A player can unlock levels buy spending 10 virtual currency, and you have to unlock level 2 first before you can unlock level 3, and so on.
Let's say I store the amount of `unlocked_levels` in Player Data.
With a valid SessionTicket for my logged in user, I can now call `https://xxxx.playfabapi.com/Client/UpdateUserData` with body:
`{ "Data": {"unlocked_levels":4} }` and update the data.
Nothing stops malicious users from calling that endpoint though, so you can basically easily change the unlocked_levels data if you grab the SessionTicket for that user, without paying for it with Virtual Currency.
So this is probably not the way to go. What's the best practice to create this basic unlocking mechanic, based and purchases with Virtual Currency?