AutoLoginShare
Notice: This module is deprecated and no longer supported by HostBill
Overview
AutoLogin allows you to log-in your customers from external application/website with customer email address.
The power of AutoLogin feature is that you are not forced to redirect user anywhere after log-in into your application, all actions are taken in the background, between your application's server and HostBill's.
Additionally you can auto-logout customers once they log-out of your application.
Connecting your application and auto-login should work with this flow:
- Client logs-in into your application
- Your application generates access hash from user email + secret from module configuration
- Your application HTTP POST this hash to Auto-Login module
- Module authenticates customer, and returns url that you should link your application from. I.e.: via "Access billing portal" link
- Once customer visits this link he/she will be automatically logged in.
- [Optional] When customer logs out of your application, it POST request to log-out customer from HostBill too
- [Optional] You can use 'redirect' parameter to generate URL that redirects clients to a specific resource.
Activating the module
The plugin installation can be done in three steps:
- Download AutoLoginShare from your client area
- Upload and unzip it in your HostBill root directory
- Activate it in your module manager in HostBill (SLAVE)
To update to newer version you will just have to repeat step 1 & 2, or check Auto-Update plugin built into your HostBill for one click updates.
MASTER API settings
After generating API key in your MASTER HOSTBILL→ adminarea → Settings → Security → API Access, you can limit ACL to two functions: getClientDetails & verifyClientLogin
Module Configuration
After activating your module in SLAVE HostBill you need to provide:
- URL to your MASTER HostBill adminarea
- API ID from your MASTER HostBill
- API KEY from your MASTER HostBill
- Optionally, you can disable client registration in SLAVE HostBill by enabling block_registrations
- Tick Check for paid if you want to enable only the clients who had paid for something to login to your Master HostBill
Code sample: Login customer
Code sample below is in PHP using cURL.
Sample log-in code
<?php// Get cURL resource$ch = curl_init();// Set AutoLogin urlcurl_setopt($ch, CURLOPT_URL, 'http://yourhostbillurl.com/index.php?cmd=autologin&action=login');curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);// Data to post:$duration = "160"; //Time in seconds for how long user login link will work$secret = "SECRET_CODE"; //Secret code set in module configuration (in previous step)$hash = md5($email.$secret.$duration); //Verification string$body = http_build_query([ 'email'=>$email, 'duration'=>$duration, 'hash'=>$hash,]); //data to post// Set POST datacurl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $body);// Send the request & save response to $resp$resp = curl_exec($ch);if(!$resp) { die('Error: "' . curl_error($ch) . '" - Code: ' . curl_errno($ch));} else { $array = json_decode($resp,true); if($array['success']) { $login_url = $array['login_url']; //url to link customer to HostBill $token = $array['token']; //token we can use to log user out } else { die('Error: "' . $array['error'] .'"'); }}curl_close($ch); |
Code sample: Logout customer
Code sample below is in PHP using cURL.
Sample log-out code
<?php// Get cURL resource$ch = curl_init();// Set AutoLogin urlcurl_setopt($ch, CURLOPT_URL, 'http://yourhostbillurl.com/index.php?cmd=autologin&action=autologout');curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);// Data to post:$token = ""; //Login token returned upon user auto-login (previous step)$body = http_build_query([ 'token'=>$token]); //data to post// Set POST datacurl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $body);// Send the request$resp = curl_exec($ch);curl_close($ch); |