Auto Login
How it works?
AutoLogin is a free HostBill plugin (included in all versions since 2016-05-06) that allows you to log-in your customers from external application/website with customer email address.
The power of AutoLogin feature is that you are not forced to redirect user anywhere after log-in into your application, all actions are taken in the background, between your application's server and HostBill's.
Additionally you can auto-logout customers once they log-out of your application.
Connecting your application and auto-login should work with this flow:
- Client logs-in into your application
- Your application generates access hash from user email + secret from module configuration
- Your application HTTP POST this hash to Auto-Login module
- Module authenticates customer, and returns url that you should link your application from. I.e.: via "Access billing portal" link
- Once customer visits this link he/she will be automatically logged in.
- [Optional] When customer logs out of your application, it POST request to log-out customer from HostBill too
- [Optional] You can use 'redirect' parameter to generate URL that redirects clients to a specific resource.
Configuring module
This module is by default included in all new HostBill downloadable packages.
Visit Settings → Modules → Plugins, find and activate "Client Auto Login" module. If module is not on your list, make sure to update to latest HostBill version first.
You need to enter your secret code that will be used to create access hash in your application code.
Code sample: Login customer
Code sample below is in PHP using cURL.
<?php
// Get cURL resource
$ch = curl_init();
// Set AutoLogin url
curl_setopt($ch, CURLOPT_URL, 'http://yourhostbillurl.com/index.php?cmd=autologin&action=login');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Data to post:
$email= "user@email.com"; //Client's email address
$duration = "160"; //Time in seconds for how long user login link will work
$secret = "SECRET_CODE"; //Secret code set in module configuration (in previous step)
$hash = md5($email.$secret.$duration); //Verification string
$body = http_build_query([
'email'=>$email,
'duration'=>$duration,
'hash'=>$hash,
'redirect' => 'http://yourhostbillurl.com/index.php?cmd=clientarea&action=invoices', //optional
]); //data to post
// Set POST data
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
// Send the request & save response to $resp
$resp = curl_exec($ch);
if(!$resp) {
die('Error: "' . curl_error($ch) . '" - Code: ' . curl_errno($ch));
} else {
$array = json_decode($resp,true);
if($array['success']) {
$login_url = $array['login_url']; //url to link customer to HostBill
$token = $array['token']; //token we can use to log user out
} else {
die('Error: "' . $array['error'] .'"');
}
}
curl_close($ch);
Code sample: Logout customer
Code sample below is in PHP using cURL.
<?php // Get cURL resource $ch = curl_init(); // Set AutoLogin url curl_setopt($ch, CURLOPT_URL, 'http://yourhostbillurl.com/index.php?cmd=autologin&action=autologout'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Data to post: $token = ""; //Login token returned upon user auto-login (previous step) $body = http_build_query([ 'token'=>$token ]); //data to post // Set POST data curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $body); // Send the request $resp = curl_exec($ch); curl_close($ch);