Chatbots Magazine Become a Writer Intro to Chatbots

Permanent login and making requests with Messenger bot


I’m building Messenger Platform bot for students of our university.
It manages students’ study agenda which means it makes REST API requests and it also needs student’s login for some actions.

I have no idea how to do following things right.

  1. Make student enter his login credentials (I assume I should not do that in conversation thread – So, in some kind of web view API which Messenger Platform offers?)
  2. Permanently login him, so next time student doesn’t have to reenter his password, until he logs out (Web service API offers only 60minutes token, so only thing that comes on my mind is storing his password somewhere, which obviously sounds not really good)
  3. Where to store login and password which is needed for REST API request auth, I should NOT be able to read students’ passwords, but on the other hand, I need to have them available on my server somehow
    • Locally? Not possible for Messenger Bot I think
    • On my server’s database? Still need to have raw passwords in order to make auth requests

Thanks for your advices! :slight_smile:

I think this is the bit you are looking I have not tired it myself (yet!) but I think you can keep it permanent, so whenever the user is using their device it will assume it is them. If that is ok for your use case then it is a one time operation, if however you want to log them out it gets complicated fast :slight_smile:

1 Like

Do you have any idea how to get or use some sort of device token?
Only thing I have available is PSID.
Which means if I use PSID as primary key for login, when you login from your phone, you are “logged” on all devices witch your FB account :thumbsdown:
When doing account linking, you pass “authCode”, but there’s no way how to retrieve authCode from FB then.

Afraid I haven’t tried but hopefully some others on here can help out on that, doesn’t sound like exactly what a user (or you!) would want