Help understanding client <-> server authentication

I'm developing a game using Flutter for a client, and C# for a server authoritative back end. They both connect to Appwrite perfectly fine. The client and server interact with gRPC.

My question is how would the server confirm the user is auth'd for this session, before it runs received gRPC calls? The user can log in, but how does the server know that they did. This isn't SSR, the client and server are two distinct things.

I'm still trying to wrap my head around sessions, auth, and web in general, so I might just not be understanding something.

TL;DR

Developing game with Flutter client and C# server using gRPC with Appwrite. Unsure how server can authenticate user before processing gRPC calls. User can login, but server needs to verify. Not using SSR. Need help understanding sessions, auth, and web concepts. Solution: Use tokens for user authentication between client and server. User logs in, server generates token and includes it in gRPC calls for validation.

Reply to this thread by joining our Discord

Reply on Discord

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more

Recommended threads

Need support?

Join our Discord

Get premium support