I created a Telegram Bot using Botman but I can't get it to communicate with the Telegram bees and then interact with it.
I state that I configured the bot project following the Botman documentation but after numerous attempts to set the webhook and the relative routes that the bot had to use I could not make it work properly.
I attach it under the BotManController source.
The bot was installed in a subfolder of my hosting space and I tried to set the bot webhook by sending a post request of this type:
https://api.telegram.org/bot897***************/setWebHook?url=https://miodominio.ovh/nomebot/botman
The request is then successful but the bot is not connected to the Telegram bees and therefore it is not possible to interact with him via Telegram.
/* metodi nel BotManController.php */
public function handle()
{
$botman = app('botman');
$botman->listen();
}
public function tinker()
{
return view('tinker');
}
public function startConversation(BotMan $bot)
{
$bot->startConversation(new ExampleConversation());
}
P.s. In the comment the link to the routes / botman.php and routes / web.php files
Related
I am trying to make a single login session over the entire project environment. I want users to have only a single sign-on session, let it be on the website, web app, or application connected via api or web guards.
The website and web app worked fine but when I tried calling the same function by API using postman or swagger I get 500 Internal Server Error. I am not sure why am I getting it because there is no such error displayed in the response.
authenticated($request, $this->guard()->user()) in Login Controller
protected function authenticated(Request $request, $user)
{
if (! $user->isActive()) {
auth()->logout();
return trans('auth.login.deactivated_account');
}
event(new UserLoggedIn($user));
if (config('access.users.single_login')) {
auth()->logoutOtherDevices($request->password);
}
}
Sessions get distracted when done in website and web app but when using postman or swagger it's not working, I am not sure why?
I'm currently making an API for a mobile app but I think I'm a bit confused with how email verification and authentication is meant to work. I'm attempting to implement the following flow:
User registers in the mobile app and it sends a request to the API
Laravel creates the user and fires off an email
User receives the email and clicks on the link
Laravel verifies the user and redirects them to the mobile app via deep-link
However when the user clicks the email link a "route login not defined" error is rendered.
Which makes sense, because the user is not authenticated at the time. But am I getting this wrong?
Should I authenticate the user prior to sending the email? And will that work, given that we're using Sanctum rather than "regular" authentication?
Currently this is what I'm doing:
// web.php
Route::get('/email/verify/{id}/{hash}', [EmailVerificationController::class, 'verify'])
->middleware('signed') //note that I don't use the auth or auth:sanctum middlewares
->name('verification.verify');
// EmailVerificationController.php
public function verify(Request $request)
{
$user = User::findOrFail($request->id);
if ($user->email_verified_at) {
return '';
}
if ($user->markEmailAsVerified()) {
event(new Verified($user));
}
return redirect()->away('app://open'); // The deep link
}
Is there any security risk here? Should I at any point authenticate the user before or after they click the link?
I wanted to avoid rendering "web views" as much as possible.
I think that the best way is to implement two different paths based on the source of the user.
Regular email validation for users coming from a browser
The user will just follow the link delivered by email, you can do that with or without authentication (maybe with transparent cookie authentication). If the validation is fulfilled redirect them back to the home page.
Mobile users coming from the mobile application
I would send a PIN (with some kind of expire mechanism) via email and ask them to put it inside the APP to verify the account. This can even be protected with auth middleware using the JWT token with the verification API call.
I don't see any security issue with this last one.
I am developing a laravel package where i need to authorize a private channel.
In my normal laravel project(not the package) everything is working fine:
Event SendMessage:
public function broadcastOn()
{
return new PrivateChannel('chat');
}
and in my route/channel.php i do as follows:
Broadcast::channel('chat', function ($user) {
return Auth::check();
});
But how can i authorize my chat channel inside my laravel package?
In my laravel package the service provider has boot and register functions, as with routes/web.php i know we can register it but what to do with the channels? Can we register them? i find no documentation regarding that Please help.
I am using pusher server and with laravel echo.
Hopefully you can understand my question. I just wanna know how can i authroize channel in my package.
The answer to my own question is that We must uncomment a line from config/app.php which is :
App\Providers\BroadcastServiceProvider::class,
I was struggling with the channels and it comes to the point that , we do not need to register the channels or broadcasting services in our package.
They are by default globally enabled.
So everything remains the same and just by uncommenting that i was able to authorize the private channel.
Hoepfully nobody gets into such trouble.
Cheers.
I'm trying to use laravel's 5.7 email verification to send an email when an account is registered. I have an event that fires that send the url when a user is registered. The event dispatch can be seen here.
protected function registered(Request $request, $user)
{
UserRegistered::dispatch($user);
}
The event fires and a listener sends an email by using the following code.
public function handle(UserRegistered $event)
{
$event->user->notify(new VerifyEmail);
}
This then does send the email verification mail to my email address so the event is working. However the issue I'm having is the verification email link that is contained in the email is incorrect.
http://localhost/email/verify/19?expires=1544182945&signature=b4337e1c7e07a7e7117a8696a30b456ab2a304cdea563ca7aea6c90bb9a2541f
Here is what is being sent by email. However the app url should not be localhost and instead by core-site.test. e.g. http://core-site.test/email/verify etc...
Does anyone know why the url is incorrect and how I can fix it?
Im having trouble understanding how to process the data sent to my post route from the mandrill webhook.
I have set up my route and registered it in the mandrill settings. Sending a test from the dashboard works fine (webhook is triggered on send, open, and hard_bounce):
Route::post('/mailApi/webhooks', 'ContactController#postMandrill');
Currently, I'm just trying to ensure that I can receive the webhook and make sure that I understand the format.
I have created a function for in my ContactController for testing purposes:
public function postMandrill(){
$data = Input::get("mandrill_events");
$mandrill = new Mandrillemail;
$mandrill->event = $data;
$mandrill->msg_subject = 'test';
$mandrill->save();
}
When I send an email to trigger the webhook, I get no errors and nothing is saved in the database. It seems like the route isn't touched at all. What do I need to do to access the webhook?