To use Y8 Account API and request user information, application needs user access token. You can reed more about obtaining tokens on the appropriate page. In this tutorial we’re going to cover basic obtaining logic and provide code examples for this routines.
This diagram presents basic user-application interaciton.
Wide arrow represent what is happening with user-agent. In our example we will assume that it is browser, but it may be anything - mobile or desktop application, for example.
Narrow arrows represent server-to-server interaction and represent internal application requests to Y8 Account.
Step 1. Preparing your database
We assume that you have php-json, php-mysql and php-curl extensions installed to use following examples.
To log users in, you have to set your database up to store user data. Y8 Account presents a variety of fields that identify user, but in this tutorial we will use following schema:
Unique identifier for user in your application
Y8 Account unique identifier for a user
Aceess token for user to get Y8 Account information
Refresh token that will be used in case access token is expired
Here’s example of creating database and table with php (warning: you’ll need DB server running to do this):
You should put this or similar script into your setup sequence to create account storage.
To use Y8 Account authorization, your application has to present user an Y8 Account window, that will create new user’s account (or log him in, if user already has one) and then ask him to give your application access to one of his identities.
Then, you have to add your link that will display Y8 Account popup when user clicks on it:
Step 3. User logs in and comes back to your application
After clicking the link above, an Y8 Account frame will be presented to user, where he will go through all login routines. After this, he will be redirected to the URI that you’ve provided during previous request.
This URI will have authorization code, as one of the GET parameters. You’ll have to use this code to exchange it for access token afterwards.
Result may have one of the following JSONs:
If everything is ok. And in case of error you will get someghing like this:
To parse the token, you may use the following code:
It is up to you to decide, how you are going to process the error or access token, but we highly recommend you to store tokens to use it for further API requests.
Step 4. Use access token to obtain user information
After receiving access token, you can use it to call different APIs.
This request will return a list of user-information fields, needed to identify user.
Step 5. Finding or creating user in your application
Now you have to check, whether user has already used your application, you can do this by selecting users from your database with just received unique pid. If user already exists - you have to update his information (for example, if nickname has changed). If he does not exist - you have to insert new record for him in the database.
Step 6. Remembering login
After user is obtained and saved into database - the easiest way to remember him between requests is to store his id in session variable:
And then, prepend following code to each of your site pages:
This information is enough to create basic Y8 Account authorization in your application. To find out about various ways to enhance user experience, consult APIs reference.