Social Authentication in Text Express
Strategies: Library, Field, Lab, Showroom, Workshop
Analysis
Problem analysis, Literature study, Document analysis, Domain modelling, Task analysis, Best good and bad practices
Current situation
As Text Express is working with Playfab, in order to retrieve your progress from the service, the game identifies each player, by their unique device ID number. This is working perfectly, but is not secure at all. In case you lose your device, you would also lose your Text Express progress. In order to prevent this from happening and allow future social interaction between players, I have been given the following assignment.
Graduation Assignment
As currently the game is being developed only for Android, an assignment for my graduation project was to implement Google and Facebook authentication services and allow players to safeguard their current progress as a first proof of concept that social authentication works.
Clarifications
What are the best practices for Google or Facebook login, when using Playfab?
In order to get a grasp on how the login should be done I've read the documentation of Playfab for best practices. Then I analyzed the following:
How does the login with Playfab currently works in Text Express?
In order to understand how the login in Text Express currently works with Playfab, I've created this flow diagram:
In the top flow diagram, the player (Luc) can not continue his progress from Playfab ID "A", on another device different than Device 1, when the game doesn’t support any authentication services.
As a conclusion from the research, when authentication services are supported, linking the service account to the Playfab ID account will be enough for Playfab to return the correct profile.
Are there other games using Playfab, which have an authentication system?
I've contacted a developer from Bed and Breakfast (Gamehouse game, which uses Playfab as a backend service) and understood that their game has only Facebook login. I've also received access to their codebase, where I analyzed their code for the Facebook login. Although, their code was just following the best practices from Playfab, I've found something I haven't thought about before:
What will happen if one Facebook account/ Google account is already linked and the player wants to link it on another Playfab ID?
Whenever a player starts the game on a new phone, he already has a new Playfab ID account. If his older Playfab ID is already linked and authenticated with Google and then the player authenticates again on his newer phone (newer Playfab ID), then an error (LinkedAccountAlreadyClaimed) will be returned from Playfab. After research about this case it was found out that this has to be tackled carefully by showing a "compare screen" to the player, comparing both of the Playfab ID accounts and asking the player which one he wants to continue playing.
What to use from Google- Google email or google play account?
There are 2 options you can use for Google login: A simple login with your google email or login with a Google Play account. After research here are the pros and cons of each:
Advantages
Disadvantages
Google email
Simple Login with no extra requirements
Doesn't support automatic
login feature.
Could be used on all
platforms
Advantages
Disadvantages
Google Play account
Supports automatic login
if you have played the game before
Requires Google Play app installed on your phone
(Extra application)
Can not be used on IOS devices
Slows down the start of the game
by 0.5 - 2 seconds, so it checks
if you have authenticated before
After gathering and showing those to my design and technical mentor, they preferred that I use the Google Play account type of login, as it will have the automatic login feature, and most importantly because of the following reason:
"When a game uses as much as possible dedicated Google features (Google Ads, Google login, Google payments, etc), the chances of getting featured by the Google store are bigger." (Tjien- Text Express Designer)
How to set up the Google and Facebook SDK?
In order to set up the authentication services successfully, after research of what to do, I have created a list of tasks to follow:
Design
Design pattern research, Decomposition, IT Architecture Scetching, Explore user requirements, Brainstorming, Prototyping
Login with authentication service design
By keeping in mind the analysis I've done, I've created a new flow diagram, which demonstrates the login flow with an authentication system available for the players and also designing how this system will work technically-wise. More about this can be read here.
Design for login with authentication flowClass design
All authentication services should have the same functionality: Log in the service, Link/Unlink the service to Playfab, Log off the service, etc. After ascertaining that, I've designed the following class diagram following SOLID principles- Open-closed principle, Single responsible principle:
Realization
Design pattern research, IT Architecture scetching, Code review, Usability testing
Setting up Text Express to use authentication services
Having to set up Text Express to allow Facebook authentication was just following my step-by-step guide (which I prepared in my Analysis phase) without having any major setbacks during the process. Facebook has done a great job in keeping their guides up-to-date and having their Unity SDK being very optimized, readable and easy to work with.
Setting up Text Express to have Google authentication, on the other hand, was a very different experience shared here:
Setting up Text Express for Google Play ServicesAuthentication flow implementation:
After setting up Text Express on the Google and Facebook services and testing if their SDKs initializesuccessfully I started following the class design and the login flow design I've created beforehand.
Comparing Screen:
After I have successfully followed my design, I've reached the point where I have to present to the player two Playfab ID progresses- Comparing Screen. At first, I tested if it works, by using the following GUI.
After that I asked my design mentor, to decide what type of progress it is good to be shown in that comparing screen, so it is more comprehensible for the player. After several iterations the final GUI was agreed upon.
Every change to the comparing screen meant that the backend function, should be changed to return the needed information. Which meant, that during those iterations, the backend function was updated as well, resulting in its final version:
Error handler
During the implementation of the authentication feature, a lot of possible errors had to be taken into account and all of them had to be handled differently. In the end, that resulted in implementing an Error handler system, which made the tracking of errors and fixing them faster and easier:
Errors handler in Text ExpressTesting:
Personal testing
In order to test the authentication feature I had to constantly simulate 2 Playfab IDs. For that I used my laptop as one device and my personal phone as the other device. Facebook allows its SDK to be used on a PC, so testing the Facebook login functionality was easy and done pretty fast.
Unfortunately, the Google SDK, can be used only on an android device and I was not able to test the Google login functionality thoroughly, as I don't have 2 android devices available. Therefore, I had to push the Google functionality halfway tested, hoping that it will work correctly.
After QA testing:
After the build was tested by the QA testers, I've received information that the login with Google was not working as expected. In a 1 on 1 session with a QA tester I explained and guided, how to use Android Studio to read debug messages from the game. By seeing the error code of the GUI error appearing on the tester device and using an android studio to read the debug of the game, we managed to track what the issue was:
Problem with requesting Google linked Playfab progress:
The Playfab SDK client-side function GetPlayfabIDsFromGoogleIDs, was not returning the Playfab ID and it turned out that this was because the Google SDK doesn't support giving a Google ID, which is the parameter needed for the GetPlayfabIDsFromGoogleIDs. As this function was not an option I found another way of retrieving the playfabID of the player, which worked as intended:
Additional products:
The code for the authentication service was done and working in a modular way. I've decided to share all my knowledge with the rest of the Gamehouse developers, by making the following document, explaining how they can use my code in order to achieve the same authentication functionality as Text Express in their game as well.
Evaluation
Brainstorming
Until now there was not an option for the players to safeguard their current progress and continue on their Text Express progress on more than one device. Now this is possible via the Facebook and Google authentication feature I've implemented.
This safeguarding feature is believed to reduce the amount of people dropping out of the game, because buying a new phone and not wanting to start all over again.
The Text Express designer also believes that having social authentication such as Google or Facebook in your game is the first step in creating a social community around the game, as it allows the implementation of Clans/Guilds/Chat systems/Personal Profile/etc.
Classes implementation
The authentication system was created following the fundamental SOLID programming principles and allowed me to see how powerful those can be. As I am trying to be as useful and helpful as possible, I've also shared the knowledge, logic and code-base of the authentication feature with fellow technical developers within Gamehouse. This act was appreciated, for which I am very grateful!
As proof that the code design is good, other members had to add tracking Business intelligence events. Those events were to track authentication activity and to gather data if and when the users are using the feature. In order to do that, the developer, who found easily the places, where he needed to add the code. Which for me suits as proof that the code is readable and you can understand it easily.
For the future:
Automated Account Recovery
Due to drops in the players' internet connection, while some authentication operations are running, the player's account may be lost. Recovery of such account loss is now done only through contacting customer support (see "Error nr. 8" from the "Error handling when auth fails" document). However, there have been added tracking events to check, if "account lost"s are happening or not. If it is something regular, then an improvement of the code could be done, so the following automatic recovering is happening:
The last logged-in playfab ID, which was on that phone is being linked back whenever the phone has internet again. This process could be automated, and not require contacting customer support, but currently is not, as I think it will be a very rare case (data will show).
Apple authentication
When Text Express is available for IOS devices as well, Apple authentication would have to be added as well.
Deeplinks in Text ExpressLast updated