Authentication

Session Object

As the result of all authentication methods you receive a unified Session object which contains:

• token

• refreshToken

• created

• userId

You pass the Session object to each further method which needs authenticated access.

Sign Up vs Sign In

One thing to notice is, that the SDK will implicitly create a new user account when you use unknown credentials which are not yet registered.

If you just want to validate the given credentials you can pass create: false to the authentication method which then throws an exception if the user is not yet registered:

try {
    final session = getNakamaClient().authenticateEmail(
        email: 'unknown@user.com',
        password: 'somethingSeCuRe',
        create: false,
    );
} catch (e) {
    print('User unknown, please check email or register first.');
}

Set username on registration

If you choose to implicitly create user accounts (which is default) you can pass the username attribute which then sets the user's username to the provided value:

final session = getNakamaClient().authenticateEmail(
    email: 'register@me.com',
    password: 'hiddenstuff',
    username: 'gamerr2000',
);

Now when the account is created, the username is gamerr2000.

Authenticate

Device Token

You can use the device token to login/signup with just the user's device as identity. A device identifier must contain alphanumeric characters with dashes and be between 10 and 128 bytes.

You can for example use the device_info_plus package to find the device ID:

String deviceId;
DeviceInfoPlugin deviceInfo = DeviceInfoPlugin();

// For example we use device_info_plus to get a fitting token
if(Platform.isIOS) {
  deviceId = (await deviceInfo.iosInfo).identifierForVendor;
} else if(Platform.isAndroid) {
  deviceId = (await deviceInfo.androidInfo).androidId;
} else {
  // TODO implement on all other supported platforms
}

// Authenticate against Nakama with our device token.
final session = await getNakamaClient().authenticateDevice(
    deviceId: deviceId,
);

On the web you could for example generate a uuid and store it in local storage.

Email

An email address must be valid as defined by RFC-5322 and passwords must be at least 8 characters.

final session = await getNakamaClient().authenticateEmail(
    email: 'foo@bar.de',
    password: 'mySecurePassword!',
);

print('Hey, you are logged in! UserID: ${session.userId}');

Social Login

Nakama allows you to authenticate with different social providers. Please note that additional setup is required to make this work. There are a couple of flutter packages available. How to authenticate against social providers and obtain the provider's token is not part of this project.

I assume you've already got a token from the social provider which you can use to authenticate with Nakama.

Facebook

final session = await getNakamaClient().authenticateFacebook(
    token: facebookToken,
);

Google

final session = await getNakamaClient().authenticateGoogle(
    token: googleToken,
);

GameCenter

final session = await getNakamaClient().authenticateGameCenter(
  playerId: playerId,
  bundleId: bundleId,
  timestampSeconds: timestampSeconds,
  salt: salt,
  signature: signature,
  publicKeyUrl: publicKeyUrl,
);

Steam

final session = await getNakamaClient().authenticateSteam(
    token: steamToken,
);

Custom

You may use custom authentication to either integrate your existing backend or an external identity provider. Pass your custom user ID to this method. A custom identifier must contain alphanumeric characters with dashes and be between 6 and 128 bytes.

final session = await getNakamaClient().authenticateCustom(
    id: 'custom-user-id',
);