Custom storage
If you use custom storage, you have access to:
- user registration
- authentication via username and password
- passwordless authentication via phone number
- authentication via social networks
- user password reset
Interaction flow
You can use the login widget or your application, that uses Login API calls, as a client. The interaction flow between the client and the Xsolla Login server is the following:
- The client sends requests to the Xsolla Login server. The requests format is described in JWT and Password endpoints.
- The Xsolla Login server sends requests to your server. Follow the instruction to validate the requests.
- The Xsolla Login server processes a response from your server and returns the result to the client.
- The client processes the response.
As a response to a server request, you can get information about the user in the form of a structure:
| Parameter | Type | Description |
|---|---|---|
attr_type | string | Definition of user’s access level to service attributes:
|
key | string | The name of the attribute that is used to identify the user’s attribute. Must be unique for each user. Maximum length: 256 symbols. You can use numbers, Latin letters, hyphens, and underscores. |
permission | string or null | The type of access to the user’s attributes affects the list of attributes returned by the methods:
Possible values: public, private (default). |
value | string | The value of the user’s attribute. Maximum length: 256 symbols. |
User registration
- The client sends the
Register new user request to the Xsolla Login server. - The Xsolla Login server sends a request to the New user URL. The response must be in the format described in this instruction. In the response, you can specify a list of user attributes.
New user URL response example:
Copy
http
- http
- curl
POST https://your.hostname/your_registration_uri HTTP/1.1
Authorization: Bearer {JWT}
Content-Type: application/json
{
"email": "john@gmail.com",
"password": "123456"
}curl --request POST \
--url 'https://your.hostname/your_registration_uri' \
--header 'authorization: bearer_JWT' \
--header 'content-type: application/json' \
--data '{"email":"john@gmail.com","password":"123456"}'Response example:
Copy
{
"attributes": [
{
"attr_type": "server",
"key": "company",
"permission": "private",
"value": "facebook-promo"
},
{
"attr_type": "server",
"key": "custom-id",
"permission": "private",
"value": 48582
}
]
}- User data is written to the Xsolla database while the
emailis flagged as unconfirmed. The user will receive an account confirmation email. - If you have integrated the Login Widget, the user will be redirected to the page with the following message: Please confirm your account following the instructions we sent to {email}.
Authentication via username and password
- The client sends the
Auth by username and password request to the Xsolla Login server. - The Xsolla Login server sends a request to the User verification URL. The response must be in the format described in this instruction.
New user URL response example:
Copy
http
- http
- curl
POST https://your.hostname/your_authentication_uri HTTP/1.1
Authorization: Bearer {JWT}
Content-Type: application/json
{
"email": "john@gmail.com",
"password": "123456"
}curl --request POST \
--url 'https://your.hostname/your_authentication_uri' \
--header 'authorization: bearer_JWT' \
--header 'content-type: application/json' \
--data '{"email":"john@gmail.com","password":"123456"}'Response example:
Copy
{
"attributes": [
{
"attr_type": "server",
"key": "company",
"permission": "private",
"value": "facebook-promo"
},
{
"attr_type": "server",
"key": "custom-id",
"permission": "private",
"value": 48582
}
]
}- The Xsolla Login server generates a user JWT.
- The user is redirected to the
login_urlwith atokenquery parameter. Thetokenparameter contains the user JWT.
Note
A new user is created if there is no userdata written to the Xsolla database.
Passwordless authentication via phone number
- The client opens an authentication form so the user can enter their phone number.
- The user enters their phone number.
- The client sends the
Start auth by phone number request to the Xsolla Login server. - The client shows a field so the user can fill in the verification code.
- The user enters the received verification code.
- The client sends the
Complete auth by phone number request to the Xsolla Login server. - If it is the first user authorization, the Xsolla Login server sends a request to the Passwordless login with phone URL. The response must be in the format described in this instruction.
New user URL response example:
Copy
http
- http
- curl
POST https://your.hostname/your_phone_authentication_uri HTTP/1.1
Authorization: Bearer {JWT}
Content-Type: application/json
{
"login": "+12025550140",
"type": "phone"
}curl --request POST \
--url 'https://your.hostname/your_phone_authentication_uri' \
--header 'authorization: bearer_JWT' \
--header 'content-type: application/json' \
--data '{"login":"+12025550140","type":"phone"}'Response example:
Copy
{
"attributes": [
{
"attr_type": "server",
"key": "company",
"permission": "private",
"value": "facebook-promo"
},
{
"attr_type": "server",
"key": "custom-id",
"permission": "private",
"value": 48582
}
]
}Authentication via social networks
To get user data when authenticating via social networks, specify Social Login URL in the settings of your Login project in Publisher Account (section User database > Storage > Custom storage). A request with data received from the social network is sent to this URL.
Authentication flow:
- The client sends the
Auth via social network request to the Xsolla Login server. - The user logs into a social network.
- The Xsolla Login server processes the user data received from the social network and sends a request to Social Login URL. The response must be in the format described in the instruction.
The request contains data in the temporary token in the Authorization: Bearer <JWT> header. The user JWT passed in the request contains the following data:
| Claim | Type | Description |
|---|---|---|
| exp | Unix Timestamp | The date and time of the JWT expiry. The JWT lifetime is 7 minutes. Required. |
| iat | Unix Timestamp | The date and time JWT is issued. Required. |
| iss | string | The service that signed the JWT: https://login.xsolla.com. Required. |
| request_type | string | Constant: gateway_request. Required. |
| xsolla_login_project_id | string (UUID) | Your Login project ID in Publisher Account. Required. |
| string | User email address. | |
| sub | string (UUID) | User ID written on the Xsolla Login server side. Required. |
| username | string | Username. |
| provider | string | Name of a social network used for authentication. Required. |
| id | string | User ID in a social network. Required. |
Example of a token payload:
Copy
- json
{
"exp": 1573635020,
"iat": 1573634600,
"iss": "https://login.xsolla.com",
"request_type": "gateway_request",
"xsolla_login_project_id": "00000000-0000-0000-0000-000000000000",
"sub": "00000000-0000-0000-0000-000000000000",
"email": "example@test.com",
"username": "Smith707",
"provider": "google",
"id": "123",
}New user URL response example:
Copy
http
- http
- curl
POST https://your.hostname/your_social_authentication_uri HTTP/1.1
Authorization: Bearer {JWT}
Content-Type: application/json
{}curl --request POST \
--url 'https://your.hostname/your_social_authentication_uri' \
--header 'authorization: bearer_JWT' \
--header 'content-type: application/json'Response example:
Copy
{
"attributes": [
{
"attr_type": "server",
"key": "company",
"permission": "private",
"value": "facebook-promo"
},
{
"attr_type": "server",
"key": "custom-id",
"permission": "private",
"value": 48582
}
]
}User password reset
- The client sends the
Reset password request to the Xsolla Login Server. - The Xsolla Login server sends the user a password reset confirmation email.
- After confirming password reset in the email, the user is redirected to the page where they can enter a new password.
- The user enters a new password.
- The Xsolla Login server sends a request to the Password reset URL. The response must have the format described in this instruction.
New user URL response example:
Copy
http
- http
- curl
POST https://your.hostname/your_reset_uri HTTP/1.1
Authorization: Bearer {JWT}
Content-Type: application/json
{
"username": "john@gmail.com",
"fields": {
"password": "NewPa$$word1"
}
}curl --request POST \
--url 'https://your.hostname/your_reset_uri' \
--header 'authorization: bearer_JWT' \
--header 'content-type: application/json' \
--data '{"email":"john@gmail.com","fields":{"password":"NewPa$$word1"}}'Was this article helpful?
Thank you for your feedback!
We’ll review your message and use it to help us improve your experience.Rate this page
Rate this page
Don’t want to answer
Thank you for your feedback!
Continue reading
Useful links
How to connect custom storageFound a typo or other text error? Select the text and press Ctrl+Enter.
