Sign In Register

How can we help you today?

Start a new topic
Answered

Clarification on DeviceAuthentication And External Authentications

In my game my goal is to login strictly through the use of the DeviceAuthentication flow. I would however like to allow users to connect their FB account to their user to facilitate data recovery. Ideally I would like to use the FacebookConnect flow and take advantage of some of your out of the box social capabilities. I was originally concerned to read that once connected to an external network you would no longer be able to login via DeviceAuthentication. My main reasoning here is that I don't want to have to rely on continually having a FB accessToken at the ready in order to use what are largely optional server services. All I really care about is "Hey I have this FB id, is there preexisting data out there for me?".


When I started development however, it appears I can connect a user via DeviceAuthentication, then connect using FacebookConnect to link FB, and then still login via DeviceAuthentication. Great. Pleasant surprise although everything I've read in the forum and documentation seem misleading now. But then when I go to implement the ability to disconnect from FB I get an error saying I cannot because the user has not set a password. This doesn't make much sense to me considering the fact that I can successfully login via DeviceAuthentication. Having a password set on the account surely shouldn't effect my ability to continue logging in through DeviceAuthentication. Am I missing something here? Perhaps I can still use DeviceAuthentication due to some sort of authToken trickery for which I cannot find any documentation?


If linking to FB should actually be preventing me from using DeviceAuthentication I suppose my only course of action is to write my own Events to manage the associating of a FB account to a user and not touch any of your externalAuthentication functionality?


Thanks,

Evan


Best Answer

Hi Evan,


It's best to think of a DeviceAuthentication as a Guest account and not a permanent way to log users in, reason being is whatever platform you are developing for is in control of the DeviceID generation, at some point this generation could be changed and a user would lose the link to their account. You can give a Device Authenticated account a username and Password by sending a ChangeUserDetailsRequest with the UserName and NewPassword fields filled out, once this is done you'll know the account can safely be accessed by all of the devices a user owns. With this in place a user can then log into the game manually at which point a token will be cached locally and the user re authenticated automatically when they return. Once the password has been set on the account you can use the SocialDisconnectRequest to remove the link from the social network of your choosing. Can you point me to where you where you read "that once connected to an external network you would no longer be able to login via DeviceAuthentication" and I'll look into this some more for you. 


Thanks,

Liam

1 Comment

Answer

Hi Evan,


It's best to think of a DeviceAuthentication as a Guest account and not a permanent way to log users in, reason being is whatever platform you are developing for is in control of the DeviceID generation, at some point this generation could be changed and a user would lose the link to their account. You can give a Device Authenticated account a username and Password by sending a ChangeUserDetailsRequest with the UserName and NewPassword fields filled out, once this is done you'll know the account can safely be accessed by all of the devices a user owns. With this in place a user can then log into the game manually at which point a token will be cached locally and the user re authenticated automatically when they return. Once the password has been set on the account you can use the SocialDisconnectRequest to remove the link from the social network of your choosing. Can you point me to where you where you read "that once connected to an external network you would no longer be able to login via DeviceAuthentication" and I'll look into this some more for you. 


Thanks,

Liam

Login to post a comment