Hi, I'm setting up the reset password functionality for a game I'm working on, and currently I have it set up on the client to let the user enter their email address and send the account recovery email, which is arriving without issue.
My problem is how to actually reset the password. I've done a lot of searching and it looks like it's recommended to implement this on a web server using the PlayFab Admin SDK. Unfortunately, I'm not much of a web developer, and I'm concerned this would take too long to implement. The website it would use is running on WordPress, and I've done a little research about how to get it working on the web server, but I have yet to find any solid answers and am still a little confused about the security of it, since the Admin API requires the title's secret key.
So I was hoping to use an Azure Function (as I've seen others suggest on here in multiple places) through cloudscript to reset the password. I got the Azure Function set up, published, and connected to PlayFab, but then I discovered that the ExecuteFunction API requires the EntityToken to be called, which I think means the user has to be logged in to use it, correct?
I'm really confused about how to reset a user's password via an Azure Function if the only way to call an Azure function is to have the user be logged in. I assume the only way is to have the client already connected to the server prior to being logged in, and to have the server run the ExecuteFunction API on behalf of the user, but I had no plans for making that client server connection prior to logging the user in.
Am I missing something? Why have I seen so many people recommend using Azure Functions for resetting passwords if this is a limitation?