Sign in with Hey.Café
We want to make things easy, and that's why we are working on many ways to connect to an account and provide easy sign in. So we have added the ability to allow users to sign in to your service by using a Hey.Café account.
Sign in with button
This helper script will generate a "Sign in with" button where it’s placed, and it will auto encode the information you provide for the request. It will also use the current URL if the URL variable is set to false. The source is not minified and can easily be read or copied.
<script src='https://hey.cafe/application/external/sign_in_with.js' publisher='NodeHost' reason='Account sign in and access' url='false'></script>Making the request
This part is easy, send the person a URL using this structure. You need to replace PUBLISHER, REASON, and SENDBACK with your own data encoded in base64. You can do this in most languages or manually create the URL values using an online service such as: https://www.base64encode.org
hey.cafe/request/auth/PUBLISHER/REASON/SENDBACK
Data you need to provide:
| Information | Description |
|---|---|
| PUBLISHER | Your application or website name. |
| REASON | A simple message that will say why the key is needed. For example: “For our native app”. |
| SENDBACK | A url to send the user to when done. We append ?key=KEY to your URL when sending them back (if already using url variables we change it according), and this will be the API key. |
Checking access and getting user data
Now that the user is back on your service, you can validate the API key sent returned in ?key=KEY by calling the following endpoint. If the key is not valid, system_api_error will have the value notvalid.
endpoint.hey.cafe/api/account_key?query=KEY
What to keep and store
The user can change all of their details on Hey.Café except for the account id. This will always be the same, and it is the value you should store for the linked account along with the API key.
Keep in mind that each time the user gets sent to the API URL, it will change the key. So update the key any time the user is sent back to you after validating it's the same user by comparing the stored user id in your system.
This key is linked to your PROVIDER and the SENDBACK value, so make sure you keep this the same each time. Otherwise, the user will see a buildup of sessions in settings for your service.
NOTE: The key will expire on each on sign in!
Request permissions like location or email
Once you have their key, you can make a request to ask the user to see their email address or location (provided in Account Settings - Info). The location be used to provide tax rates for billing purposes.
Send the person to this URL structure. You do need to replace key TYPE and SENDBACK with your own data, unlike before due to formatting you only need base64 encoding to be url safe for the sendback url if you provide it.
Create a new URL using this structure and send them user to it: hey.cafe/request/permission/TYPE/KEY/SENDBACK
Data you need to provide:
| Information | Description |
|---|---|
| KEY | This is the key we sent back to you when you performed the sign-in request. |
| TYPE | This is the type of data you want. Options are: location, email, and all (provides both). |
| SENDBACK | The URL to send the user to when done. We will append ?key=KEY once again. We also append &permission=TYPE as a reminder for what was just requested. |
How to get data
You can get the data in the normal account_key check as a new variable will appear depending on the type of data requested. If the variables are not present in response_data, the permissions were either not granted or you did not ask for it.
- Email: - Will result in a new variable with the name
email. - Location: - Will have 2 variables. One is for the country and one is for the province/state. The data may have the value
falseif the user never set their location on Hey.Café inside Account Settings - Info.