Auth Plugins
ProTV provides a system for integrating custom authentication which extends the implicit TV Security settings.
To make use of this requires an UdonSharp script that inherits from the TVAuthPlugin base type. Custom auth does not support UdonGraph, CyanTriggers or any other compiler.
Built-in
ProTV comes with a very useful pre-made whitelist component called TVManagedWhitelist
. For creators who want to secure their world, this covers common use-cases.
It provides a username list for both Super Users and Default Authorized users (read more about security levels on the TV Security page).
There is a second component called TVManagedWhitelistUI
which provides an in-world UI for dynamically adding or removing users from the list of authorized users (Only a super user can change who is authorized).
This is great for managing events that have a dynamic selection of guests or DJs that need to control the TV in one way or another. You can also use the TV's authentication system as a proxy for other things in world if you want.
Make Your Own
If the pre-made auth plugin options don't fit your needs, you can make your own.
The Setup
To do so, start my making a new U# script and update with the template script (change MyAuthClass
with whatever your script name is):
public class MyAuthClass : TVAuthPlugin
{
public override void Start()
{
if (init) return;
base.Start();
// your other code
}
public override void _TvReady()
{
// tv is ready to interacted with
}
public override bool _IsAuthorizedUser(VRCPlayerApi who)
{
return true;
}
public override bool _IsSuperUser(VRCPlayerApi who)
{
return false;
}
}
Once the script is setup, you will need to create a game object to put th script on and tell it to connect to your desired TV.
The Breakdown
Things to know when writing your own Auth Plugin logic.
- If you don't know the difference between and authorized user and a super user, please refer to the Security Docs page.
- If you are trying to integrate another system, make sure that the AuthPlugin can query the other system using the provided
who
value or related data.- The
who
can be either the local or a remote player. For example, the TV will attempt to check the requesting user of an ownership transfer request on the active object owner. This means the check will be against a remote user reference.
- The
- Put all initialization logic that is NOT related to the TV in the
Start
method. - Put any initialization logic that depends on the TV in the
_TvReady
method. - If you sync any udon data on the script, make sure to implement the
OnOwnershipRequest(VRCPlayerApi, VRCPlayerApi)
event method and check the users as necessary.- It is recommended that you do
if (!tv._IsSuperAuthorized(requestingOwner)) return;
in that event so you can be sure that the person making the command has proper authorization.
- It is recommended that you do
- If a change has been made to the internals of the auth script, call
tv._Reauthorize()
to notify all the regular TV plugins that authentication has changed and to accommodate for any changes.