Login and Session #

You can use the Account service to manage your players and operators login and session experience. A player or operator can use your game client and identity provider to connect to your game and social services. This connection creates a user session.

When setting up your client login and session management, consider these approaches:

  • [Recommended] Maintain a long-lived WebSocket. A long-lived WebSocket allows your platform and client to communicate without polling patterns.
  • Use messaging through client HTTP requests. HTTP is useful for testing and web functionality but is not designed for production scenarios.

Login #

Login Queue #

The login queue routes your players through a queue when they attempt to log in using your authentication services. With the login queue:

  • You can rate limit logins to help manage larger than normal requests to your game, such as on launch days
  • You can use authentication servers with lower hardware requirements without the risk of server overload
  • You can provide more information to your players on the login screen

Login queue configuration #

The login queue configuration is set with some initial values to get you started. You can view these values and tune them in the LoginQueueServiceConfig.

game:
  serviceConfigs:
    LoginQueueServiceConfig:
      targetLoginRatePerSecond: 50
      targetCcuLimit: 10000
      estimatedSecondsToLogin: 10

Login queue configurations apply to your entire deployed Pragma Engine instance. Review the following table to understand how to tune these values:

ConfigurationDescriptionRecommendation
targetLoginRatePerSecondThe target maximum number of users to log in per second.Set this value lower than the maximum number of requests your authentication server can handle per second.
targetCcuLimitThe target maximum number of concurrent users logged in.Set this to a value lower than your game servers maximum concurrent players that does not overload your game servers.
estimatedSecondsToLoginHow long you estimate it takes between a user login request and the user gaining access.Set this to the predicted average amount of time it takes your system to log in a user.

Get started with login queues #

  1. Review the default values set in the LoginQueueServiceConfig and ensure they match your environment’s needs.
  2. [Optional] Set up your game client to listen for the OnLoginQueueUpdate broadcast event. OnLoginQueueUpdate broadcasts the QueueUpdateData structure. The QueueUpdateData structure contains the following details that your game client can use to provide your users more details about their login experience.
    • Eta: The estimated amount of time until the user is logged in.
    • PositionInQueue: The user’s place in the login queue.

The login queue functionality is built into the Pragma SDK for Unreal and Unity. To manually implement authentication in your game client, see Authenticate with RPC.

The following examples can be found in the Pragma SDK test examples for Unreal and Unity.

1
2
3
4
5
6
7

Player->OnLoginQueueUpdate.AddLambda([this, &NewEta, 
    &NewPositionInQueue, &UpdateCalled](const FPragma_QueueUpdateData UpdateData)
{
    NewEta = UpdateData.Eta;
    NewPositionInQueue = UpdateData.PositionInQueue;
    // Update game client UI to display ETA and position
});

1
2
3
4
5
6

_accountService.OnLoginQueueUpdate += queueUpdateComplete =>
{
    newEta = queueUpdateComplete.Eta;
    newPositionInQueue = queueUpdateComplete.PositionInQueue;
    // Update game client UI to display ETA and position
};

Testing and development #

During development and testing you can bypass the login queue ticket validation to reduce testing and development time. To bypass the login queue enable the devLoginQueueBypass in the SocialPlayerGatewayConfig.

social:
  serviceConfigs:
    SocialPlayerGatewayConfig:
      devLoginQueueBypass: true

Note: This is not recommended for production and live games or services.

Login data plugin #

After your players or operators successfully authenticate with your game, you can use the login data plugin to customize the login experience. The login data plugin collects data from multiple sources and sends it to the client on player login.

The login data plugin defines dependent jobs that start when a player logs in, and by default collects a player’s inventory data. Authoring additional dependent jobs can handle new capabilities, such as granting players rewards on login. For more information, see Authoring dependent jobs.

Session #

Session tokens #

Your game client provides the Pragma session tokens during requests to Pragma Engine. The engine then uses these tokens to identify the player, route requests, and verify that the request came from a trusted source.

Session tokens are a type of JSON Web Token, JWT A standard for securely transmitting information as a JSON object. . The session tokens are signed by a jwtPrivateKey that is configured in the TokenSignerConfig object. Pragma uses two types of session tokens.

  • Pragma game tokens (pragmaGameToken) - The pragmaGameToken can be used to connect to a game server with matching gameShardId.
  • Pragma social tokens (pragmaSocialToken) - The pragmaSocialToken can be used to connect to a social server.
Example decoded Pragma game token JWT:
{
  "sub": "19b5982a-f4d6-4ea3-a108-bad4afd852c7",
  "backendType": "GAME",
  "displayName": "test01",
  "pragmaSocialId": "d861f6e8-b63d-4582-a6c4-d515b2d8adbb",
  "idProvider": "STEAM",
  "iss": "pragma",
  "refreshInMillis": "2617000",
  "discriminator": "8704",
  "refreshAtMs": "1666139349326",
  "sessionType": "PLAYER",
  "exp": 1666223132,
  "gameShardId": "00000000-0000-0000-0000-000000000001",
  "iat": 1666136732,
  "pragmaPlayerId": "19b5982a-f4d6-4ea3-a108-bad4afd852c7",
  "jti": "409a1a94-e0d4-41af-aee6-b9e11f353a36"
}
Example decoded Pragma social token JWT:
{
  "sub": "d861f6e8-b63d-4582-a6c4-d515b2d8adbb",
  "refreshAtMs": "1666139469340",
  "backendType": "SOCIAL",
  "displayName": "test01",
  "pragmaSocialId": "d861f6e8-b63d-4582-a6c4-d515b2d8adbb",
  "idProvider": "EPIC",
  "iss": "pragma",
  "refreshInMillis": "2737000",
  "sessionType": "PLAYER",
  "exp": 1666223132,
  "iat": 1666136732,
  "jti": "0b58d376-f52f-44ee-85d3-c3cedda2d81b",
  "discriminator": "8704"
}

Session timeout #

You can define how long a player’s session remains active. You can use an active session token for future logins within the defined time frame. You can change the expiration time in the TokenSignerConfig.

After you’ve configured the length of time a token is valid, you can manually store tokens on a user’s machine. The SDKs support logging in with existing authentication tokens via an overload of LogIn on the Player session class.

These are the default values in the YAML configuration for the TokenSignerConfig.

social:
  serviceConfigs:
    TokenSignerConfig:
      jwtPrivateKey: "<RSA Private key>"
      partnerExpirationHours: 876000
      operatorExpirationMinutes: 2880
      emailTokenExpirationMinutes: 10080
      playerTokenExpirationMinutes: 1440
      playerTokenRefreshMinutes: 45
      playerTokenRefreshVarianceWindowMinutes: 5

Related articles

Authentication
Cross-Platform Accounts