question

Seth avatar image
Seth asked

Login flow - Lost progress and unnecessary created account

Hi

I know from previous experience of games that this can be a tricky thing trying to cover every case of login logout of facebook, changing device etc. I tried to setup a flowchart just to see how I would handle my accounts and logins/logouts but I still have some problems with it.

Here is what I have: 

As soon as player starts the game for the first time it will create an account using what I call a coreId. CoreID is iOS, Android or Custom login that all are hardware specific (using MAC adress+timestamp in desktops as custom ID).

This will not work if player changes hardware so I offer FB connection. It will then login to PF with a token but NOT create a new account. If it fails to login I just link the token to the PF-account I have using LinkFacebookAccount.

So far so good. Now say that I change mobile device.

Same thing happens. New account is created, I play a few rounds but then realize I want to have my old progress so I connect to FB again. This time it will be able to login with the FB token and therefor will use the old PFAccount. 

The problem is that I can never now disconnect my FB account as then it will revert to the newer account (logging in with my new CoreId). 

I'm kinda stuck here at the flow. Anyone that would care to help?

 

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

3 Answers

·
brendan avatar image
brendan answered

Correct - accounting for the case where the player winds up with multiple accounts is important, and it's one reason we have the Unlink API calls. At the start of the game, what you may want to do is have two options - login with Facebook and play. If they login with Facebook, you should make sure to link their CoreId. If you find that their CoreId is already on an account, highlight to the player that he has two accounts and show a key value for each, like character level, so that he can pick which he wants to keep. Then you can unlink whichever auth type you need to from the other account, and link it to the one being kept.

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Ricardo Chavarria avatar image
Ricardo Chavarria answered

How would we go about unlinking the previous account? Do we need to sign in to the previous account, UNLINK it, then login back to the new account?

This seems like a problematic flow. I would rather have an API call that let's me unlink the other accounts from the ID.

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

brendan avatar image
brendan answered

Correct - you would need to log into the account in order to unlink it. Anything else would give hackers a way to unlink accounts for other players. Also, if there's any account merging you want to do, you would need access to that account's user data, statistics, etc., in order to pull it over to the "final" account.

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.