June 6, 2019 at 16:16

BotAuth - login and registration using bots

  • Tutorial


BotAuth - a package that allows you to log in using the bot Vkontakte, FaceBook, Telegram.

The main objective of BotAuth is to simplify visitors to Web sites / PWA login through social networks.

While social. Networks do not provide feedback from native mobile applications to a website; developers have to send a user to a browser, where they need to enter their login and password again.

Using bots, you can get feedback (callback) from the native application, thereby not forcing to enter the username and password of the social. network in the browser.

Demo - https://laravel.zetrider.ru/botauth
GitHub - https://github.com/zetrider/BotAuth

Links of the form:

https://vk.me/ https://t.me/ https://m.me/

open a mobile application to start a dialogue with the bot. The visitor will not have to re-enter the username and password in the browser.

You can connect bots:

  • In contact with
  • Telegram
  • Facebook
  • Your own provider (example below)

Installation
  1. composer require zetrider / botauth
  2. Connect the package in config / app.php
    Provider
    ZetRider\BotAuth\BotAuthServiceProvider::class,

    Facade
    'BotAuth' => ZetRider\BotAuth\Facades\BotAuth::class,

  3. Copy the config. file
    php artisan vendor:publish --tag=botauth-config

    if necessary
    php artisan vendor:publish --tag=botauth-views

    php artisan vendor:publish --tag=botauth-migrations

  4. Indicate for the necessary social. networks link in config / botauth.php in the link parameter.
  5. Fill ENV file with bot keys
    BOTAUTH_VKONTAKTE_API_SECRET
BOTAUTH_VKONTAKTE_API_TOKEN
BOTAUTH_VKONTAKTE_API_CONFIRM
BOTAUTH_TELEGRAM_API_TOKEN
BOTAUTH_TELEGRAM_PROXY
BOTAUTH_FACEBOOK_API_SECRET
BOTAUTH_FACEBOOK_API_TOKEN
BOTAUTH_FACEBOOK_API_CONFIRM

  6. Run migrations
    php artisan migrate

  7. In Middleware VerifyCsrfToken add an address exception for callback, default is botauth / callback / * '
    
            protected $except = [
                'botauth/callback/*' // Except callback Csrf middleware
            ];

  8. For your User model, add a trait:
    use ZetRider\BotAuth\Traits\BotAuthUserTrait;

    which will add a relationship with user logins from the social. networks


Connecting bots:

In contact with
  1. Open your community settings or create a new vk.com/groups?w=groups_create
  2. In the community settings, open the "Settings" section - "Work with the API"
  3. Create a passkey, select "Allow the application to access community messages", write down the key, it must be specified in .env BOTAUTH_VKONTAKTE_API_TOKEN
  4. On the same page, select the Callback API, select “API Version” 5.95 , specify the callback address of your site in the “Address” field, default example
    https://DOMAIN/botauth/callback/vkontakte
  5. Below specify the line that the server should return to .env BOTAUTH_VKONTAKTE_API_CONFIRM
  6. In the "Secret key" field, enter any secret key, specify in .env BOTAUTH_VKONTAKTE_API_SECRET
  7. After filling out all the keys in .env, click the "Confirm" button
  8. On the same page, open the “Event Types” tab, select “Inbox”
  9. Open the community settings, the item "Messages", enable the "community messages"
  10. Open the community settings, the item "Messages" - "Settings for the bot", turn on "Bot features"

The bot is ready to go.

An example of a direct link to a dialogue with a bot
https://vk.me/zetcode


Telegram
  1. Create your bot via @BotFather
  2. Remember the key, specify in .env BOTAUTH_TELEGRAM_API_TOKEN
  3. Add a web hook via
    https://api.telegram.org/botYOUR_TOKEN/setWebhook?url=https://DOMAIN/botauth/callback/telegram

    replace YOUR_TOKEN with your token, DOMAIN with your domain
  4. If necessary, specify the proxy in .env BOTAUTH_TELEGRAM_PROXY , for example socks5h: //127.0.0.1: 1080

The bot is ready to go.

An example of a direct link to a dialogue with a bot
https://t.me/BotAuthBot


Facebook
  1. You must have created a page, if it is not, add www.facebook.com/pages/creation/?ref_type=universal_creation_hub
  2. Add the new developers.facebook.com/apps app
  3. In the application settings, select “Basic”, copy the “Application Secret” to .env BOTAUTH_FACEBOOK_API_SECRET
  4. In the application settings you need to add the product "Messenger"
  5. In the “Messenger” product settings, create an access token, specify it in .env BOTAUTH_FACEBOOK_API_TOKEN
  6. In the settings of the Messenger product, create a web hook, specify in the callback URL 
    https://DOMAIN/botauth/callback/facebook
    replace DOMAIN with your domain
  7. In the "Confirm marker" field, specify any text, save it in .env BOTAUTH_FACEBOOK_API_CONFIRM
  8. In the “Subscription Fields” options, select “messages”
  9. Click Confirm
  10. After confirming the server in the web hook settings, select the page, click "Subscribe"
  11. In the “Check Messenger Application” window, next to “pages_messaging”, click “Add to Request”

The bot is already ready for work, but is available only to administrators.

After confirming the application, it will become available to all visitors. Submit the application for moderation.

An example of a direct link to a dialogue with a bot
https://m.me/zetridercode


Important:

  1. The site should work on https
  2. The Facebook bot returns a PSID that does not match the public user ID.
  3. By default, the bot controller works with the \ App \ User model. If you have a different case, just create your controller and model based on examples from the repository. Model , Controller

How to add your provider:

Create your own class that inherits an abstract class

ZetRider\BotAuth\AbstractProvider

Example example / ExampleProvider.php

Add a provider to the service, for example, AppServiceProvider in the boot method


// Register example proider
BotAuth::extend('example', function() {
    return new \Path\To\Your\Class\ExampleProvider();
});

The provider will process requests in a callback at 

https://.../botauth/callback/example

Events

Event upon successful processing of a new message from the bot


// Catch bot callback
\Event::listen(\ZetRider\BotAuth\Events\MessageNewEvent::class, function($event)
{
    $provider = $event->provider; // ZetRider\BotAuth\AbstractProvider
    $slug = $provider->getProviderSlug();
    $data = $provider->getCallbackResponse();
    $user = $provider->getUser();
    $text = $provider->getText();
    // You can send a message
    // $provider->sendMessage(__('Back to web site'));
});
Tags:

Also popular now: