Search Unity

  1. Welcome to the Unity Forums! Please take the time to read our Code of Conduct to familiarize yourself with the forum rules and how to post constructively.

Question New to Unity - Need Login Advice for Single Player Game

Discussion in 'Authentication' started by rrosay, Aug 29, 2022.

  1. rrosay

    rrosay

    Joined:
    Aug 28, 2022
    Posts:
    1
    Hello all, as the title suggests I am new to Unity. I have undertaken a project where I would like to provide a single player, "dungeon crawling" experience to players.

    The "login" system as I have planned it will just be access codes that are generated on the backend using uuid4(), which are emailed to players whenever they have a new dungeon available to crawl via Sendgrid.

    My questions are about creating a secure login system in Unity. I've watched YouTube videos on the subject that make it seem like all I need is a server with a database and PHP scripts on the backend and a WWW form in Unity. So my questions are as follows:

    1. If I were to go the aforementioned route, is that really all I need? Should I run the server somewhere like Linode? AWS? I have servers at home; so I could just host an Apache webserver and connect to it inside of Unity's WWW form.
    2. Is the above the best way to set up a system to handle login? Would a REST API be better? Or even viable at all?
    3. How can I make the login system as secure as possible? I've never worked with PHP, so when I see in the WWW form examples raw strings of server URLs I don't know how to react. If I'm hosting the web server from my home, should I create an SSL certificate and tuck the server away in a VLAN? Do I need a static IP separate from my current home public IP?

    As of writing this thread, my plan is to use my at-home server to host a Postgres database, Docker images handling ETL, and a PHP script suite. I will try to create a free SSL certificate with Cloudflare for this webserver as well. I will host the game using a domain provided by Google. Client to server communication will be WWW forms.

    Thank you for taking the time to read this. I appreciate any feedback you have!
     
  2. elseforty

    elseforty

    Joined:
    Apr 3, 2018
    Posts:
    284
    Hi,
    Having your own server is gonna be a nightmare since you will be dealing with extra work that you will have to constantly monitor and make sure it is working properly
    i suggest using services that will do this work for you, luckly there are few services that you can use for free such as playfab or nucle cloud, these are API solutions that you can use for free if your project is small to medium size
    for example playfab is free until you exceed 100k requests per month
    nucle cloud is free until you exceed 200k requests per month
    good luck
     
  3. Laurie-Unity

    Laurie-Unity

    Unity Technologies

    Joined:
    Mar 5, 2020
    Posts:
    174
    Hi @rrosay

    You could of course use Unity Authenticate to authenticate and sign players in. This will save you a great deal of effort.

    From there you could use a combination of Unity Gaming Services for the remainder. There are few different ways you could build it out, with UGS or other providers services, depending on your particular needs.
    • Cloud Save (or potentially Analytics) to store email address (with the user's consent and preferrably encrypted with a secret key)
    • Analytics to identify which users you want to email and build an Audience (e.g have completed dungeon X but not dungeon Y) or to simply export a list of user's & their encrypted emails from Data Access
    • Cloud Code to automate the task of informing the player of the new dungeon, either in-game as they sign-in or with an automated scripted mechanism.
    A couple of things to consider :
    • If your game is a mobile game, push notifications will be easier to integrate, take a look at the Push Notifications beta documentation
    • If a semi manual process is acceptable you could just use Analytics to store and retrieve encrypted player emails then decrypt them locally and use the SendGrid UI to send your mails.
    • If you go down the automated route you might need to host some scripts somewhere that run at a regular interval, to update and send emails (Cloud Code doens't support automated timer driven scripts yet, just API scripts that are called from the game client or another script)
    • If you go down the automated Cloud Code route you should also look at Calling public internet endpoints, Cross Player Data and UGS Service SDKs documentation

    I hope that helps,