Closed robGG1997 closed 1 year ago
sneakzttv
commented
1 year ago This is non critical data as it's just the wallet address, all solidity checks are done using message.sender meaning they need to own the wallet. It is also cleared on logout and reset on each login so there is no vulnerability here. Afaik persistent data paths has permission issues with webgl also. I don't think we need to change this.
sneakzttv
commented
1 year ago @robGG1997 Are we sure we can do this btw? Afaik WebGL has permission issues when it comes to saving/loading local JSON files on desktop. It's part of the reason we use the scriptable object for config as opposed to JSON files. The only work around is via web requests to a backend which is a whole mess we probably don't want to get into for login data.
robGG1997
commented
1 year ago @robGG1997 Are we sure we can do this btw? Afaik WebGL has permission issues when it comes to saving/loading local JSON files on desktop. It's part of the reason we use the scriptable object for config as opposed to JSON files. The only work around is via web requests to a backend which is a whole mess we probably don't want to get into for login data.
If we used Application.PersistentDataPath, which we are, it should work. I've also tested this on locally on WebGL Build
Summary Currently we're using PlayerPrefs for saving Login details on device but PlayerPrefs are vulnerable, slow and limited
Suggested features or ways to address the summary We should use a Json file in Application.PersistentDataPath instead
Motivation This will make Login function more robust