Authentication Guide

This guide explains how to implement authentication in your game using Games.fun. We use JWT (JSON Web Tokens) to secure communication between your game client and server.

Setup Steps

1. Get Public Key

First, your game server needs to get the platform's public key for verifying tokens:

// On your game server
const response = await fetch('https://games.fun/api/games/auth/keys');
const { 
    public_key, 
    algorithm,  // 'RS256'
    issuer     // 'games.fun'
} = await response.json();

// Store these for token verification

2. Client Authentication

In your game client, request a JWT when needed:

// Using vanilla SDK
const sdk = new GamesFunSDK({
    gameServerUrl: "your-validation-endpoint"
});

// Request JWT token
const result = await sdk.triggerAction("issueJWT", {});
const jwt = result.params.jwt;

// Use with game server
gameServer.setJWT(jwt);

Using React hooks:

3. Token Verification

On your game server, verify tokens before processing authenticated requests:

4. WebSocket Authentication

For WebSocket connections:

Error Handling

Client Side

Server Side

Development Mode

For local testing, enable dev mode in the SDK:

Best Practices

1. Token Storage

   • Don't store tokens in localStorage

   • Keep in memory only

   • Clear on logout/errors

2. Error Handling

   • Implement automatic token refresh

   • Clear invalid tokens

   • Provide clear error messages

3. Security

   • Always verify tokens server-side

   • Check token expiration

   • Validate issuer and algorithm

4. Development

   • Use dev mode for testing

   • Log auth errors in debug mode

   • Test token expiration handling

Next Steps

• Game Wallet - Learn about token transfers and validation

• Game Server - Set up your game server

• React Integration - Use with React components