Skip to main content
[ADDON] Social Login and Register Started by Spuds · · Read 87633 times 0 Members and 1 Guest are viewing this topic. previous topic - next topic

[ADDON] Social Login and Register

External Authentication / Login / Register using a 3rd party account

Allows your users to connect with one click to your ElkArte Forum using their social network accounts.

Supports several social networks:  Twitter, LinkedIn, Google, GitHub, Yahoo, Amazon, Facebook

Introduction

Inspired by https://www.elkarte.net/community/index.php?topic=4360.0 and trying on the challenge.  Here is an External Authentication / Login / Register Addon that uses your Social Media account.  This addon builds on the initial work done by @Ant59‍ and at the core it is using HybridAuth

To use this YOU need to register your site as an "app" at EACH Social Network Provider that you intend to allow on your site.  Doing this is different but similar for each Site, basic instructions and links are below (and also in the Admin section of the addon)  The admin settings for the addon are under Admin -> Members -> Registration -> OAuth Providers

Details

The settings for the addon are under Admin -> Members -> Registration -> OAuth Providers

Each social network will require that you create an external application linking your Web site to their API. These external OAuth applications ensure that users are logging into the correct Web site and allows it to send the user back to the correct Web site after successfully authenticating.

The link to setup your OAuth accounts for these sites is provided in the Admin Panel along with general steps of what to do for each API.  Most important will be the Redirect URIs which is provided in the help for each. 

Features

  • Allows a single ElkArte user profile to be connected to multiple social provider accounts
  • Follows Elkarte's registration workflow but streamlined with provider authorization.
  • Attempt to fetch some profile information from the social site during registration (avatar, name, website, etc) access depends on each social site.
  • Allows users to authorize / deauthorize providers in their account settings (Modify Profile -> Connected Accounts)
  • Allows admin to selectively enable / disable providers
  • Allows for one button login to connected accounts.

Existing users should "Connect" their current site account with each of the social networks they intend to use.  They can do this from their profile page Modify Profile -> Connected Accounts. Once done they can simply click the appropriate social icon on the login page and be logged in to the site.

New users can select a social login icon which will begin a registration process that will Connect a new site account to the chosen social site.  They will still have to accept your site agreement and any required profile fields you have enabled including email and userid.

Repo / Download

Get it here: https://addons.elkarte.net/feature/External-Auth.html

Provider Setup
The specifics for providers are always changing.  You will need to do your own legwork/homework on what is required for each.  HybridAuth should be your source on how to do those steps.  The following is just a general guide for several providers.  Note the specific steps are often changing so use this as a basic outline to get you going.

Setting up Twitter


Setting up Google

  • Go to https://console.cloud.google.com/apis/credentials
  • Create a new project, you will then see the API Manager for you new Project
  • Select OAuth consent screen.  The consent screen will be shown to users whenever you request access to their
      private data using your client ID. Fill out any required fields such as the site url, contact email and logo.   You also need to enable the email and profile "scopes".
  • Select Credentials -> Create Credentials -> OAuth Client ID.
  • In Client ID settings: Select Application Type as Web Application
  • Authorized Redirect URIs - enter the Authentication URL https://YOUR-SITE-URL/sources/ext/hybridauth?hauth.done=Google
  • Copy your Client ID and Client secret to corresponding fields in the addon settings

Setting up Yahoo!


Setting up GitHub


Setting up Amazon


Setting up Facebook


Setting up LinkedIn


Re: [ADDON] Social Login and Register

Reply #1

This is a very good news and in about time. Hopefully, will be a feature in EA.

 

Re: [ADDON] Social Login and Register

Reply #2

Just installed and tried using proper FB key and secret and get this error:
Quote"PHP message: PHP Fatal error:  Uncaught Error: Class 'Facebook\Facebook' not found in /var/www/clients/client2/web1/web/sources/ext/hybridauth/Hybrid/Providers/Facebook.php:56
Stack trace:
#0 /var/www/clients/client2/web1/web/sources/ext/hybridauth/Hybrid/Provider_Model.php(99): Hybrid_Providers_Facebook->initialize()
#1 /var/www/clients/client2/web1/web/sources/ext/hybridauth/Hybrid/Provider_Adapter.php(101): Hybrid_Provider_Model->__construct('Facebook', Array, Array)
#2 /var/www/clients/client2/web1/web/sources/ext/hybridauth/Hybrid/Auth.php(277): Hybrid_Provider_Adapter->factory('Facebook', Array)
#3 /var/www/clients/client2/web1/web/sources/ext/hybridauth/Hybrid/Auth.php(229): Hybrid_Auth::setup('Facebook', Array)
#4 /var/www/clients/client2/web1/web/sources/controllers/Extauth.controller.php(205): Hybrid_Auth::authenticate('Facebook')
#5 /var/www/clients/client2/web1/web/sources/controllers/Extauth.controller.php(120): Extauth_Controller->getAdapterProfile()
#6 /var/www/clients/client2/web1/web/sour" while reading response header from upstream, client: 192.168.0.108, server: elkarte.sch.my, request: "GET /index.php?action=extauth;provider=facebook;c8abbad8=029259a6d57c6c874ba645caffc09ca4 HTTP/2.0"

Re: [ADDON] Social Login and Register

Reply #3

Thank you for the FB testing, that was the only one I could not test ... I should be able to figure it out whats going on from that trace :D

Re: [ADDON] Social Login and Register

Reply #4

Nice :)

I was playing with HybridAuth for a while but couldn't get it to work (errors that login page cannot be accessed directly etc..)

Re: [ADDON] Social Login and Register

Reply #5

Quote from: ahrasis – Just installed and tried using proper FB key and secret and get this error:
I've updated the addon (update is in the first post).  This should fix that facebook error.  The provider script was not calling the FB autoloader.  Also updated the FB api to what I think is the latest, well at least what composer pulled down.
Quote from: phantom – Nice :)

I was playing with HybridAuth for a while but couldn't get it to work (errors that login page cannot be accessed directly etc..)
I think that was mainly due to sessions issues ... one of the main things needed to get this to run was include SSI in hybridauth index.php so it uses ElkArte sessions and not default PHP ones.  But yeah this was a bit of a pain to get running !

Re: [ADDON] Social Login and Register

Reply #6

Nice work!  Will this work for 1.1rc1?

Re: [ADDON] Social Login and Register

Reply #7

Will test it again soon and report.


Re: [ADDON] Social Login and Register

Reply #9

Gave it a whirl.  The icons don't show.  Looks like they use fontawesome.  I may look at either including FA or replacing the inclusions with svg.  With your permission of course.

Re: [ADDON] Social Login and Register

Reply #10

Ah ... there is a setting (available to addons) in 1.1 to enable FA :D see we did not leave ya hanging ... I can't remember what it is right now but will post back later.

Re: [ADDON] Social Login and Register

Reply #11

Quote from: Spuds – Ah ... there is a setting (available to addons) in 1.1 to enable FA :D see we did not leave ya hanging ... I can't remember what it is right now but will post back later.

Really?  Cool!  That's even easier.  Learned something too. 

Re: [ADDON] Social Login and Register

Reply #12

Facebook fixes you did work! Partially though.

It registers the user, ask for username and email is successfully imported into the field with choice to be make it public. Continue from that the user cannot login to EA, though user's details are listed in members list already.

One more thing, I kinda get this while uninstall the previous package:
QuoteType of error: General
file_get_contents(/var/www/clients/client2/web1/web/themes/default/css/Extauth.css): failed to open stream: No such file or directory
https://www.sch.my/index.php?action=admin;area=packages;sa=uninstall2;package=elk_external_auth.zip;pid=410
Apply Filter: Only show the errors from this file File: /var/www/clients/client2/web1/web/sources/SiteCombiner.class.php
Line: 344

Type of error: General
filemtime(): stat failed for /var/www/clients/client2/web1/web/themes/default/css/Extauth.css
https://www.sch.my/index.php?action=admin;area=packages;sa=uninstall2;package=elk_external_auth.zip;pid=410
/var/www/clients/client2/web1/web/sources/SiteCombiner.class.php
Line: 268

The above could be due to me restoring the old 1.0.9 without the fixes already given in 1.0.10 test package. I'll check it out.

Re: [ADDON] Social Login and Register

Reply #13

Well I had to register for a temporary FB account to test this  :(

Selecting FB to register, I was redirected to FB to approve the connection.
I approved it and was directed back to the ElkArte registartion screen with the email (from FB) filled in as expected. 
I entered a username accepted the agreement and clicked register with FB.

At that point I was logged in and my account on the ElkArte had my FB avatar and a few other details, so everything seemed to work as expected for me.  The only thing I can think of is that you did not have the correct Valid OAuth redirect URIs filled out in the FB app?

My FB app has
Client OAuth Login: yes 
Web OAuth Login Yes
Force Web OAuth Reauthentication: No
Embedded Browser OAuth Login: No
Valid OAuth redirect URI: http://YOUR-SITE/sources/ext/hybridauth?hauth_done=Facebook
Login from Devices: No

I would not worry about that CSS file error, just a problem from me updating packages.

Re: [ADDON] Social Login and Register

Reply #14

I did not test the addon, but what happens if there are mandatory custom fields required in Elkarte registration? Are they ignored? IIRC the ONE all mod for SMF ignores custom fields. 
sorry for my bad english