Storage Engine Object Privacy

Hello Nakama Guru’s,
We are just getting started porting our Unity application to a Nakama backend instance. Right now, I’m working to create an administrative interface in React/JS. We’ve populated our user JSON objects for our current implementation, into Nakama Storage Objects. To keep things safe and secure, all storage objects are set to a private read/private write state. Is there a way to retrieve all storage objects for a specific user, without setting all storage objects to public read? I noted that the listStorageObjects method will not return private storage objects. Is there an administrative override?

Much Appreciated,
Jeremy

Hey @jnewcomb84 welcome :wave:

Is there a way to retrieve all storage objects for a specific user, without setting all storage objects to public read? I noted that the listStorageObjects method will not return private storage objects. Is there an administrative override?

For these kinds of administrative use cases you should look at the devconsole API and use custom RPC functions where needed. The devconsole API is what’s used by the internal dashboard provided within Nakama. Have a look at the Swagger spec for more information on what’s available:

We use our own code generator to turn the Swagger spec into a TypeScript client used by the dashboard itself. This could speed up the time it’d take for you interact with that API:

https://github.com/heroiclabs/nakama/blob/master/console/ui/src/api.gen.ts

Hope that helps.

Thank you @novabyte, that certainly does help. I was able to hit my endpoint with the matching route in order to get a user’s storage objects. However, it seems like this can be done without having to authenticate with the server, first. Is this true? And if so, is there any way to implement authentication for these routes?

The console API does use authentication. You can see the logic for it online in this code. Which endpoint do you connect?

Yes, I saw that which is why I’m confused. I used Postman to connect to the endpoint without a token or username/password. Is it only implemented for post/put/delete endpoints? I was using a get command to v2/console/storage?user_id={UID}. I appreciate all your help :slight_smile:

@jnewcomb84 You’re right. It’s linked to a code change that was made to simplify how our internal gateway wraps around the GRPC endpoints. We’ve created a patch release of Nakama. Please upgrade and let me know.

1 Like

Looks like it worked for the RPCs. But now we cannot connect with our Unity client because there is no authentication parameter to pass to the Client. Any thoughts on why the update broke our unity connection?

@jnewcomb84 I think there’s some confusion about the APIs available in Nakama. We have two different APIs which are useful for different purposes in the game server:

  1. Server API. This is the main API which exposes all the features of the game server. All our official client SDKs use this API.
  2. Developer Console API. This was the API I mentioned earlier in the thread. It’s an internal administrative API that can be used to programmatically access resources about players and data stored. It’s used by our Developer Console dashboard that’s bundled within the game server.

The second API is not accessible from the client SDKs. We don’t support it from any of the client SDKs instead we recommend you use the REST endpoints directly or utilize the GRPC client for it generated as a Go package.

I could code generate a small low-level client object for you to use from .NET code if it helps?

Just to add some clarification to this. The Unity api for creating a new Client and authenticating with AuthenticateCustomAsync method that we were using prior to the update was working i.e.
new Client(“http”, “nakama-dev.com”, 7350, “SomeServerKey”);
After the update, we no longer can authenticate with the Nakama server. There is no error message in the logs.

Hi @andrew.jones. I’ve run a local deployment of Nakama with docker-compose -f ./docker-compose.yml up which shows this log line with the server in DEBUG level:

{"level":"info","ts":"2020-01-15T22:06:06.668Z","msg":"Node","name":"nakama1","version":"2.9.1+31694947","runtime":"go1.13.6","cpu":4,"proc":4}

I ran a small amount of Unity code to authenticate with a custom identifier:

var client = new Client("defaultkey");
var customId = SystemInfo.deviceUniqueIdentifier;
var session = await client.AuthenticateCustomAsync(customId);
Debug.LogFormat("Session user id: '{0}'", session.UserId);

It prints out this info in the Unity editor console:

Session user id: 'c55c15cc-11d1-45bd-9134-b22c7fb0d8e2'
UnityEngine.Debug:LogFormat(String, Object[])

I have no problem with the server and the main API at all. I don’t think there’s any crossover between what @jnewcomb84 reported and connectivity to the main API. Do you run Nakama behind a load balancer?

It seems like it was some weirdness on our end. Restarted Unity and it is connecting just fine.