How do I make events that cannot be accessed by the client?
P
Paavo Kyppö
started a topic
over 7 years ago
Basically, I am using one event to initiate another on the server side and it shouldn't be accessed by the client directly.
Best Answer
C
Customer Support
said
over 5 years ago
Hey Paavo.
What you could do is remove those requests from the device-credential. If you go to the credentials list in your portal you'll see there are a few already setup. Unless you change something your client SDK should be set to 'device' by default.
If you click on the toggle marked "Configure request types that this credential can make? By default, all request types except admin requests can be made."
You'll see a list off all event that this credential has access to. From there you can turn on/off whichever ones you want.
Is this an event that you want to completely lock out players from ever sending ? We have an example project that might be of use to you, basically you can assign roles to the users in your game and set which events each role will have access to. So in your case here you could set this event to Admin only so regular players wouldn't be able to use it. If this sounds like it might be useful to you let me know and i'll add you to the project.
Thanks,
Liam
P
Paavo Kyppö
said
over 7 years ago
That is right, Sean. It's currently setup like this
In this example I am submitting leaderboard data so as I am aware it needs to be LogEventRequest. "period" is then populated by the server.
If it gets complitated I think I can live with the current solution (as long as it is not possible to query for a list available events by the client?). I was just trying to hide it since clients is not supposed to access it directly and thought that there might be a simple way to do it.
Customer Support
said
over 5 years ago
Answer
Hey Paavo.
What you could do is remove those requests from the device-credential. If you go to the credentials list in your portal you'll see there are a few already setup. Unless you change something your client SDK should be set to 'device' by default.
If you click on the toggle marked "Configure request types that this credential can make? By default, all request types except admin requests can be made."
You'll see a list off all event that this credential has access to. From there you can turn on/off whichever ones you want.
Paavo Kyppö
Basically, I am using one event to initiate another on the server side and it shouldn't be accessed by the client directly.
What you could do is remove those requests from the device-credential.
If you go to the credentials list in your portal you'll see there are a few already setup. Unless you change something your client SDK should be set to 'device' by default.
If you click on the toggle marked "Configure request types that this credential can make? By default, all request types except admin requests can be made."
You'll see a list off all event that this credential has access to.
From there you can turn on/off whichever ones you want.
Hope that helps,
Thanks,
Sean
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstCustomer Support
Hi Paavo,
Is this an event that you want to completely lock out players from ever sending ? We have an example project that might be of use to you, basically you can assign roles to the users in your game and set which events each role will have access to. So in your case here you could set this event to Admin only so regular players wouldn't be able to use it. If this sounds like it might be useful to you let me know and i'll add you to the project.
Thanks,
Liam
Paavo Kyppö
It's currently setup like this
var response = Spark.sendRequest({ "@class": ".LogEventRequest", "eventKey": "LeaderboardScoreSubmit", "score": Spark.getData().score, "period": getTimePeriod() });In this example I am submitting leaderboard data so as I am aware it needs to be LogEventRequest. "period" is then populated by the server.
If it gets complitated I think I can live with the current solution (as long as it is not possible to query for a list available events by the client?). I was just trying to hide it since clients is not supposed to access it directly and thought that there might be a simple way to do it.
Customer Support
What you could do is remove those requests from the device-credential.
If you go to the credentials list in your portal you'll see there are a few already setup. Unless you change something your client SDK should be set to 'device' by default.
If you click on the toggle marked "Configure request types that this credential can make? By default, all request types except admin requests can be made."
You'll see a list off all event that this credential has access to.
From there you can turn on/off whichever ones you want.
Hope that helps,
Thanks,
Sean
-
Documentation Notes
-
Design issues with user events
-
Using NoSQL
-
Runtime Collections vs Metadata Collections
-
Anonymous authentication from browser app
-
Modules
-
Movement With Unity
-
Problem with url parameters for downloadables
-
Querying NoSql GameSparks database
-
Challenge accesType
See all 2487 topics