An screenshot of the Services page

Integration

Every time users open app using Services, into the URL a query parameter with one-time login token is added.

The token let's you locate the user in our system.

An screenshot of the Services page
An screenshot of the Services page

When you encounter the query, you make an API request to our system, asking if our user is the one, who generated the token and if (s)he is eligible to enter your app, having the access purchased.

In the response, if the user is eligible — we are sending you their e-mail address, enabling you to login them.

To integrate the system, you need to generate your authentication token,

which is required to make an API request to our system, and set your time zone, which is used for payoffs and statistics.

Create a developer account to get access to Panel. After that, contact us to get Partnership privileges.

An screenshot of the Services page

Add your application using developer's Panel,

and put a URL of your development server into the Service input.

The app will be submitted as a Draft first. It is unavailable for users, but lets you test the integration in development mode.

An screenshot of the Services page

Prepare your backend for getting a one-time login token as query parameter.

It serves for locating the user in our system. When we confirm the requesting token was generated by us, you can safely log the user in using the e-mail address received in the response.

Python
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
from django.contrib.auth import authenticate, login
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.urls import reverse
import json
import requests
import secrets
import datetime

def login_view(request):
    if request.method == "POST":
        # Attempt to sign user in
        username = request.POST["username"]
        password = request.POST["password"]
        user = authenticate(request, username=username, password=password)

        # Check if authentication successful
        if user is not None:
            login(request, user)
            return HttpResponseRedirect(reverse("index"))
        else:
            return render(request, "network/login.html", {
                "message": "Invalid username and/or password."
            })
    # Check if request was sent from Services
    if request.GET.get('services'):
        return auth_user(request, request.GET['services'])
    
    return render(request, "network/login.html")


def auth_user(request, services_token):
    # Endpoint to the services API
    if services_token:
        endpoint = f"http://serwwwices.com/api/authorization/{services_token}"
    else:
        return HttpResponseRedirect(reverse('index'))
    
    # Authorization token. Keep it in environment variables.
    auth_token_from_panel= '<authorization_token_generated_in_panel>'
    headers = {
        'Authorization': f"Bearer {auth_token_from_panel}"
    }

    get_response = requests.get(endpoint, headers=headers)
    if get_response.ok:
        # A user email form services API.
        email = json.loads(get_response.content).get('internal_email_address', None)
        midnight = datetime.datetime.combine(datetime.datetime.today() + datetime.timedelta(days=1), datetime.time.min)

        try:
            user = User.objects.get(email=email)
        except User.DoesNotExist:
            user = User.objects.create_user(f"username_{email.split('@')[0]}_{round(datetime.datetime.now().timestamp())}", email, f"{secrets.token_hex(32)}")
            user.save()

        login(request, user)
        response = HttpResponseRedirect(reverse('index'))
        response.set_cookie('services', 'services_cookie', max_age=(midnight - datetime.datetime.now()).seconds)
        return response
    
    return HttpResponseRedirect(reverse('index'))

To verify if the users are eligible to access your app, you make a API request to our endpoint.

If they are, you get their email address as a response. If not — en error message is returned.

https://serwwwices.com/api/authorization/<services_token>

Payload

headers = {
'Authorization': f"Bearer {auth-token-from-panel}"
}

Response

success
{
‘internal_email_address’: ‘markspencer@gmail.com’
}
failure
{
"success": False, "message": "..."
}

Logging the user out

You have to make sure that when the current day ends - the user is logged out.

An screenshot of the Services page

Setting services_cookie, active until the end of the current day, lets you locate the user to log out.