So the way to do this is a little complex, first you'll need to be able to send a request to GameSparks without logging in, we can do this with DeviceAuthenticationRequest, but as this logs in as a user, you'll have to make sure that unless they log in the regular was (AuthenticationRequest) they cant access any part of your game that sends requests. This could cause them to lose data or not have data stored against their normal account.
Secondly you'd need to set up an event that when the user clicks "forgot password" sends them an email. We support sending emails through SendGrid Cloud Code calls which requires a www.sendgrid.com account. We cant send the user a http request link to change their password as this would require embedding the game secret in the link, this is bad because it would allow any user firing any request they see fit. So in this case the event that sends the email should send a code to the user instead of a clickable link.
We'd need another event that the player can send their emailed code which would run some logic to check the sent code is the same as the received one and if so, change the password using setPassword.
Shane
L
Lee Griffiths
said
almost 7 years ago
Yes that seems complicated. Is there a way of doing through the portal, just by request for now?
For now it's just my client who's testing the game has forgotten his password.
1 person likes this
Customer Support
said
almost 7 years ago
Answer
Yep so if you create a custom event that has an attribute that takes a userId and one for the password:
Then in cloud code add this to the event:
var userId = Spark.getData().userId;
var newPassword = Spark.getData().newPassword;
Spark.loadPlayer(userId).setPassword(newPassword);
then to change the password, find the userId of the player and call the following event:
Has any of this changed? Because, if I'm honest, this is really complicated.
1 person likes this
Customer Support
said
almost 6 years ago
Hi Lukasz,
It's the same, if you are having issues feel free to ask us or log a ticket. We'd be more than happy to talk you through it.
Cheers,
Oisin
D
Dylan Hunt
said
over 5 years ago
Bump - playfab has a call like player.sendPasswordResetEmail -- I'm really envying their command ;) any chance to make an easymode-version? I'd have to even make my own logic to send and confirm an email with this current system.
2 people like this
L
Lukasz Lazarecki
said
over 5 years ago
BTW, I finally resigned from using login & password authorization in my project - it's complicated and without build-in way of resetting passwords it would quickly become a nightmare to maintain (we're currently using a system like that in our game and I constantly receive email with password reset requests). What I'm using (or planing to use, because this is not implemented and tested yet) is Steam/GameCenter/GooglePlay/Facebook authorization - it's easier for the user to use and there's no additional maintenance cost (and there's added value as well - users' friend lists is automatically populated with their contacts).
D
Dylan Hunt
said
over 5 years ago
I thought about that too until I had a sign up promo and realized that many people even completely BLOCK social login sites altogether. I call them privacy freaks. There are many of them... And I can't lose them.
I hate to compare to a direct competitor but if playfab has something so easy to use surely gamesparks can have one too since they've been around longer?
J
Jesper Mansa
said
over 5 years ago
I must agree with Dykan. Please make a automatic "Forgitten Password" feature. If you have 100k users it would be almost unbearable to answer all requsts for new passwords :-/
1 person likes this
M
Mohamad Hindi
said
about 5 years ago
Any updates on "forget password" issue?
D
Domen Grabec
said
about 5 years ago
Hey I was also wondering are there any plans for the tech team to implement the forgotten password feature?
I guess the biggest infrastructural change is to implement some kind of Rest API that can be called and requests handled inside cloud code. This way I could write cloud code to confirm users correct email (user clicks on email confirmation link), and that request would come over HTTP and be handled with cloud code.
W
Wayne Harper
said
almost 5 years ago
3 months later from last response...still an issue? :D
1 person likes this
D
Dylan Hunt
said
almost 5 years ago
Yep still an issue. This is why we moved to PlayFab. One call and they get an encrypted password reset email. Saved an incredible amount of time and I didn't have to handle my own cryptology. Not sure why GS doesn't prioritize this over their UI polish.
Customer Support
said
almost 5 years ago
So, we dont have an out-of-the-box solution to this, but there are options you can use to overcome this problem which we have implemented for our customers.
One option is to have a deviceAuthentication when your player forgets their password. This will allow you to call requests to GameSparks without authentication. You can setup limits in your cloud-code as to what requests can be used by a device-auth player and then simply call a custom logevent request.
Another way is to setup a custom credential which you can hit with a callback from your client. This way is less secure, but you can also have your client send an email with a link to this url. Both ways will require you to save the playerId on the client so you can load it in cloud-code.
Either way, i have created a task for this so it will be scheduled for development and not forgotten again.
Lee Griffiths
Forgive me if this is a silly question but I've not found the answer through searching.
How would I go about resetting a users password when they have forgotten it?
I tried a ChangeUserDetails request but it looks like it only works for the currently logged in user? ("Username:Taken" message).
Thanks
Yep so if you create a custom event that has an attribute that takes a userId and one for the password:
Then in cloud code add this to the event:
then to change the password, find the userId of the player and call the following event:
{ "@class": ".LogEventRequest", "eventKey": "changePassword", "userId": "userId", "newPassword": "newPassword" }Shane
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstCustomer Support
Hi Lee,
So the way to do this is a little complex, first you'll need to be able to send a request to GameSparks without logging in, we can do this with DeviceAuthenticationRequest, but as this logs in as a user, you'll have to make sure that unless they log in the regular was (AuthenticationRequest) they cant access any part of your game that sends requests. This could cause them to lose data or not have data stored against their normal account.
Secondly you'd need to set up an event that when the user clicks "forgot password" sends them an email. We support sending emails through SendGrid Cloud Code calls which requires a www.sendgrid.com account. We cant send the user a http request link to change their password as this would require embedding the game secret in the link, this is bad because it would allow any user firing any request they see fit. So in this case the event that sends the email should send a code to the user instead of a clickable link.
We'd need another event that the player can send their emailed code which would run some logic to check the sent code is the same as the received one and if so, change the password using setPassword.
Shane
Lee Griffiths
Yes that seems complicated. Is there a way of doing through the portal, just by request for now?
For now it's just my client who's testing the game has forgotten his password.
1 person likes this
Customer Support
Yep so if you create a custom event that has an attribute that takes a userId and one for the password:
Then in cloud code add this to the event:
then to change the password, find the userId of the player and call the following event:
{ "@class": ".LogEventRequest", "eventKey": "changePassword", "userId": "userId", "newPassword": "newPassword" }Shane
Lukasz Lazarecki
Has any of this changed? Because, if I'm honest, this is really complicated.
1 person likes this
Customer Support
Hi Lukasz,
It's the same, if you are having issues feel free to ask us or log a ticket.
We'd be more than happy to talk you through it.
Cheers,
Oisin
Dylan Hunt
Bump - playfab has a call like player.sendPasswordResetEmail -- I'm really envying their command ;) any chance to make an easymode-version? I'd have to even make my own logic to send and confirm an email with this current system.
2 people like this
Lukasz Lazarecki
BTW, I finally resigned from using login & password authorization in my project - it's complicated and without build-in way of resetting passwords it would quickly become a nightmare to maintain (we're currently using a system like that in our game and I constantly receive email with password reset requests). What I'm using (or planing to use, because this is not implemented and tested yet) is Steam/GameCenter/GooglePlay/Facebook authorization - it's easier for the user to use and there's no additional maintenance cost (and there's added value as well - users' friend lists is automatically populated with their contacts).
Dylan Hunt
Jesper Mansa
1 person likes this
Mohamad Hindi
Any updates on "forget password" issue?
Domen Grabec
Hey I was also wondering are there any plans for the tech team to implement the forgotten password feature?
I guess the biggest infrastructural change is to implement some kind of Rest API that can be called and requests handled inside cloud code. This way I could write cloud code to confirm users correct email (user clicks on email confirmation link), and that request would come over HTTP and be handled with cloud code.
Wayne Harper
1 person likes this
Dylan Hunt
Customer Support
One option is to have a deviceAuthentication when your player forgets their password. This will allow you to call requests to GameSparks without authentication.
You can setup limits in your cloud-code as to what requests can be used by a device-auth player and then simply call a custom logevent request.
Another way is to setup a custom credential which you can hit with a callback from your client.
This way is less secure, but you can also have your client send an email with a link to this url.
Both ways will require you to save the playerId on the client so you can load it in cloud-code.
Either way, i have created a task for this so it will be scheduled for development and not forgotten again.
Thanks for your patience.
Sean
2 people like this
-
Documentation Notes
-
Design issues with user events
-
Using NoSQL
-
Runtime Collections vs Metadata Collections
-
Anonymous authentication from browser app
-
Modules
-
Movement With Unity
-
Problem with url parameters for downloadables
-
Querying NoSql GameSparks database
-
Challenge accesType
See all 2487 topics