Why App42API.GetLoggedInUser is not documented

Question

Hello, Does that mean we should not use it ? Is there any security issue ? Any wrong usage ? I want my user to authenticate once, with a desktop application then ask the app to remember the user and login him automaticaly until the user decide to logout. Do I need to store specific data unsing PlayerPrefs or do the API store those data for me in an obvously more secure way ... Authentication, local session, server session are confusing me :-/ Thanks for any explanation. More documentation, more real life exemples and more explanation of "how it work, how to do" would be appreciated :-)

Answer 1

Hi,

The GetLoggedInUser also fetches the user from PlayerPrefs. When you authenticate a user calling AuthenticateUser API, server assigns a sessionID on successful authentication. The session will be valid till user calls logOut API. You can save the sessionID locally or you call our GetSession API of Session Service. If you get a valid sesion in return you can log him in automatically.

I hope this will help.

Thanks.

Comments

Hi,
Currently, it is still mysterious ...

Let say I Create a user and Authenticate it.
I can read the PlayerPrefs plist with Xcode and find the Sessionid and LoggedInUser keys.

Now, I delete the PlayerPrefs file (~/Library/Preferences/unity.co.app.plist).
If I call "sessionService.GetSession(App42API.GetLoggedInUser(), callback)" my app still validate the session and print the right user name.
Obviously GetLoggedInUser() found the username somewhere else ?

Also it's not the same as "sessionService.GetSession("", callback)" which thru an exception.