I’ve been working on implementing Unity Authentication in my game Endless Wander, with login through Unity Accounts to provide Cloud Saves for our players.
I’ve managed to get the whole flow working, and it’s overall a very nice solution, having only one login type to handle in the backend and letting our players use a Unity, Google, or Apple account is great.
The one issue I’m having now is that the connection expires very quickly. I’m anticipating it will be annoying for our players to relog every day.
I don’t fully understand the interactions between the different services yet, and the issue is probably on my side. Here’s how I proceed on the first login:
Start the Unity Account login process with PlayerAccountService.Instance.StartSignInAsync();
In the SignedIn event, I save PlayerAccountService.Instance.AccessToken to a PlayerPref
Now that I have an access token, I start authenticating with it: AuthenticationService.Instance.SignInWithUnityAsync(Managers.Settings.GetUnityAccountToken()); (The method called in Managers.Settings gives me the AccessToken that was saved in a PlayerPref)
In the SignedIn event, I show the player that the authentication is successful, and the game can proceed and use Cloud Saves.
When the player comes back the next day, here’s what happens:
I check in my PlayerPrefs if the player has already logged into a Unity Account and if he has an Access Token.
If I find out that he has, I start authenticating him using the saved Token AuthenticationService.Instance.SignInWithUnityAsync(Managers.Settings.GetUnityAccountToken());
If the Token is recent, the authentication works fine, and the game can proceed.
But the next day, the SignInFailed event is triggered because the Token is not valid anymore.
I have to start the login process from the top and ask the player to log back into his Unity Account.
This process works, but having to relog daily is a real annoyance.
So my question is, is there any way to keep the token valid for a more extended period of time before having to relog?
Hi @SmoothyD ,
thanks for reaching out. The access token for Unity Authentication has an expiration of 1h and it takes care of refreshing the token every hour or so. The case where you are talking about when a player tries to sign in after the token has expired is what we called a cached player and we have some documentation here: Sign in a cached player.
TLDR:
What you should do is the following:
Check in my PlayerPrefs if the player has already logged into a Unity Authentication (using AuthenticationService.Instance.SessionTokenExists).
If there is a session token then you should sign them in “using the session token” by calling the SignInAnonymouslyAsync method which is used to sign in a cached player:
AuthenticationService.Instance.SignInAnonymouslyAsync();
If there is no session token, meaning the player has not signed in or has signed out, then you need to perform the flow to sign them in through Unity Player Accounts and then Unity Authentication.
I was going through the documentation, trying to understand what I missed, and I was starting to reach the conclusion that I should use AuthenticationService.Instance.SignInAnonymouslyAsync().
It was a bit hard to wrap my head around it because I first read about this method in the context of using a Guest account.
But now that you’re confirming that’s the correct way to proceed, I’ll get to it!
I seem to have a situation where I have my app in the background for over 1h (so the token expires). When I resume from pause, I check AuthenticationService.Instance.IsExpired (as well as SignedIn and Authenticated) and they all say that I am signed in, authenticated and NOT expired.
When I then query CloudCode, I get:
Unauthorized
(401) HTTP/1.1 401 Unauthorized
Unauthorized
Authentication token could not be verified; jwt expired
…
How is it that IsExpired = false, but this message says jwt expired?