Hw to check if user is connected from multiple devices?
I am developing a mobile game. I want to make sure that user can not connect from multiple devices using same user name. I am setting player name in Photon. Is there a way to check if this user is already connected from other device?
I am using PUN+. One option i can think of is whenever i connect to photon before setting my user name to PhotonNetwork.playerName. I can do a FindFriend() with my user name. If photon returns me offline then i'll set playerName otherwise i can assume that this user name is online from other device.
Is this the correct way to check this?
Comments
-
Preventing a user from logging in multiple times is currently not easy. We don't have sessions, so the server does not track if a user is staying online or not.
Users might disconnect deliberately or get disconnected, time out and might want to re-connect. Maybe it's the same user but a re-connect is needed?
You could setup custom authentication and in your own auth service, you can possibly store some device ID per user and a timestamp. A user might login only from one device within 5 minutes or so.
See this page and related ones:
http://doc.exitgames.com/en/pun/current ... entication0 -
Thanks Tobias for your quick reply.
There can be many scenarios for this. We were able to do it using our server. I will explain in case anyone else is looking for some solution for this.
We implemented session on our server which is a simple guid. When a device connects to our server it asks to create a session. Server creates a session and returns. Device uses this session ID with every server side request. If server detects that sent session ID doesn't match with current ID then it returns error code which indicates that session has been created from other device. It worked for our needs because every action in our game requires server communication.1 -
Thanks for updating us.
The solution seems to be solid and maybe it helps other to know this.
Good luck with your game!0 -
Thank you very much for your solution ! i'm looking for this, could you please give me a tutorial to implement this ?avinash said:Thanks Tobias for your quick reply.
There can be many scenarios for this. We were able to do it using our server. I will explain in case anyone else is looking for some solution for this.
We implemented session on our server which is a simple guid. When a device connects to our server it asks to create a session. Server creates a session and returns. Device uses this session ID with every server side request. If server detects that sent session ID doesn't match with current ID then it returns error code which indicates that session has been created from other device. It worked for our needs because every action in our game requires server communication.0 -
Hi Pain, Sorry for late reply. wasn't active on this forum from few months.
This is a standard session implementation technique. I will explain this in steps of how it works in our games.
1. First Request from Client (Mobile game) to our server => API.Status()
This tells whether our api is up and general health check of server.
2. Second Request: API.GetSession(playerID)
Our Server maintains list of key value pair of session id and player id in cache. There can be only one session id for a player ID.
3. With every request client sends this session id with player id to server. Server checks the cache if this session id and player id combination matches with one in cache. If it doesn't it means that same player has made a new session from other device or client. In this case server sends error code of session mismatch.
So in general a new client will always get a valid session which will invalidate all existing sessions. As soon as user connects from new device, all other active devices API calls will start failing with session mismatch error.
Hope this helps2 -
Hello, can any one please help me in finding how to disconnect the existing user when he login from another device with the same credentials.
0 -
That would be a topic for authentication. You could create your own Custom Authentication, which disallows users to login within a certain time frame. You'd need some way to identify the device, though.
0
