Menu
Forums
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Trending
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Upgrades
Log in
Register
What's new
Search
Search
Search titles only
By:
All threads
Latest threads
New posts
Trending threads
New posts
Search forums
Menu
Log in
Register
Navigation
Install the app
Install
More options
Contact us
Close Menu
Forums
Software Development
Programming
PHP/OAuth 2.0 Discord Login Script
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Maatt" data-source="post: 463844" data-attributes="member: 21669"><p>Hi everyone,</p><p></p><p>Was looking for this for ages and have been trying to work it out from Discord's documentation. In the end, I just adapted another OAuth 2 script to use with Discord because the principles are basically the same for all websites using OAuth 2.0.</p><p></p><p>The script is very barebones, it just pulls some basic information but you can use it and build it into your applications or existing PHP cms. There are much better approaches available if you're starting everything from scratch. I'd encourage you to look at PassportJS <a href="http://www.passportjs.org/" target="_blank">http://www.passportjs.org/</a> for NodeJS applications or the existing OAuth libraries <a href="https://oauth.net/code/" target="_blank">https://oauth.net/code/</a>.</p><p></p><p>The reason I made this is because I want to add it to my users class for RevCMS so I'll probably release that too once I have it ready.</p><p></p><p>I try but I'm a bit of a noob coder so if I'm doing something silly pls let me know <img src="/styles/default/xenforo/smilies/emojione/tongue.png" class="smilie" loading="lazy" alt=":p" title="Stick Out Tongue :p" data-shortname=":p" /></p><p></p><p>Enjoy..!</p><p></p><p>[CODE=php]<?php</p><p>// Client ID and Secret from Discord.com</p><p>define('OAUTH2_CLIENT_ID', '#MAKE AN APP ON DISCORD AND COPY THIS IN#');</p><p>define('OAUTH2_CLIENT_SECRET', '#MAKE AN APP ON DISCORD AND COPY THIS IN#');</p><p></p><p>// API settings</p><p>define('AUTH_URL', 'https://discord.com/api/oauth2/authorize');</p><p>define('CALLBACK_URL', '########THIS IS URL OF THE FILE THAT YOU SAVE THIS TO####');</p><p>define('SCOPE', 'identify email');</p><p>define('TOKEN_URL', 'https://discord.com/api/oauth2/token');</p><p>define('URL_BASE', 'https://discord.com/api/users/@me');</p><p></p><p>session_start();</p><p></p><p>if (get('action') == 'login') {</p><p> // Random Hash stored in session for security.</p><p> $_SESSION['state'] = hash('sha256', microtime(TRUE).rand().$_SERVER['REMOTE_ADDR']);</p><p> unset($_SESSION['access_token']);</p><p> </p><p> $params = array(</p><p> 'client_id' => OAUTH2_CLIENT_ID,</p><p> 'redirect_uri' => CALLBACK_URL,</p><p> 'response_type' => 'code',</p><p> 'scope' => SCOPE,</p><p> 'state' => $_SESSION['state']</p><p> );</p><p> </p><p> //Redirect to Discord Auth Page</p><p> header('Location: ' . AUTH_URL . '?' . http_build_query($params));</p><p> die();</p><p>}</p><p></p><p>if (get('action') == 'logout') {</p><p> session_destroy();</p><p> header('Location: ' . $_SERVER['PHP_SELF']);</p><p> die();</p><p>}</p><p></p><p>if (get('code')) {</p><p> if(!get('state') || $_SESSION['state'] != get('state')) {</p><p> header('Location: ' . $_SERVER['PHP_SELF']);</p><p> die();</p><p> }</p><p> </p><p> //Exchange auth_code for token</p><p> $token = apiRequest(TOKEN_URL, true, array (</p><p> 'client_id' => OAUTH2_CLIENT_ID,</p><p> 'client_secret' => OAUTH2_CLIENT_SECRET,</p><p> 'grant_type' => 'authorization_code',</p><p> 'code' => get('code'),</p><p> 'redirect_uri' => CALLBACK_URL,</p><p> 'scope' => SCOPE</p><p> ));</p><p> $_SESSION['access_token'] = $token->access_token;</p><p> </p><p> header('Location: ' . $_SERVER['PHP_SELF']);</p><p>}</p><p></p><p>if(session('access_token')) {</p><p> $user = apiRequest(URL_BASE, false, '');</p><p></p><p> echo '<h3>Logged In</h3>';</p><p> echo '<h4>' . $user->username . '</h4>';</p><p> echo '<pre>';</p><p> print_r($user);</p><p> echo '</pre>';</p><p> echo '<p><a href="?action=logout">Log Out</a></p>';</p><p></p><p>} else {</p><p> echo '<h3>Not logged in</h3>';</p><p> echo '<p><a href="?action=login">Log In</a></p>';</p><p>}</p><p></p><p>// Functions</p><p>function apiRequest($url, $post, $params) {</p><p> $ch = curl_init();</p><p> curl_setopt($ch, CURLOPT_URL, $url);</p><p> curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);</p><p> curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);</p><p> </p><p> if ($post) {</p><p> curl_setopt($ch, CURLOPT_POST, TRUE);</p><p> curl_setopt($ch, CURLOPT_POSTFIELDS, $params);</p><p> }</p><p> </p><p> if (session('access_token')) {</p><p> curl_setopt($ch, CURLOPT_HTTPHEADER, array(</p><p> 'authorization: Bearer ' . session('access_token'),</p><p> 'cache-control: no-cache',</p><p> 'Accept: application/json'</p><p> ));</p><p> }</p><p> </p><p> $data = curl_exec($ch);</p><p> return json_decode($data);</p><p>}</p><p></p><p>function get($key, $default=NULL) {</p><p> return array_key_exists($key, $_GET) ? $_GET[$key] : $default;</p><p>}</p><p></p><p>function session($key, $default=NULL) {</p><p> return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default;</p><p>}</p><p>?></p><p>[/CODE]</p></blockquote><p></p>
[QUOTE="Maatt, post: 463844, member: 21669"] Hi everyone, Was looking for this for ages and have been trying to work it out from Discord's documentation. In the end, I just adapted another OAuth 2 script to use with Discord because the principles are basically the same for all websites using OAuth 2.0. The script is very barebones, it just pulls some basic information but you can use it and build it into your applications or existing PHP cms. There are much better approaches available if you're starting everything from scratch. I'd encourage you to look at PassportJS [URL]http://www.passportjs.org/[/URL] for NodeJS applications or the existing OAuth libraries [URL]https://oauth.net/code/[/URL]. The reason I made this is because I want to add it to my users class for RevCMS so I'll probably release that too once I have it ready. I try but I'm a bit of a noob coder so if I'm doing something silly pls let me know :p Enjoy..! [CODE=php]<?php // Client ID and Secret from Discord.com define('OAUTH2_CLIENT_ID', '#MAKE AN APP ON DISCORD AND COPY THIS IN#'); define('OAUTH2_CLIENT_SECRET', '#MAKE AN APP ON DISCORD AND COPY THIS IN#'); // API settings define('AUTH_URL', 'https://discord.com/api/oauth2/authorize'); define('CALLBACK_URL', '########THIS IS URL OF THE FILE THAT YOU SAVE THIS TO####'); define('SCOPE', 'identify email'); define('TOKEN_URL', 'https://discord.com/api/oauth2/token'); define('URL_BASE', 'https://discord.com/api/users/@me'); session_start(); if (get('action') == 'login') { // Random Hash stored in session for security. $_SESSION['state'] = hash('sha256', microtime(TRUE).rand().$_SERVER['REMOTE_ADDR']); unset($_SESSION['access_token']); $params = array( 'client_id' => OAUTH2_CLIENT_ID, 'redirect_uri' => CALLBACK_URL, 'response_type' => 'code', 'scope' => SCOPE, 'state' => $_SESSION['state'] ); //Redirect to Discord Auth Page header('Location: ' . AUTH_URL . '?' . http_build_query($params)); die(); } if (get('action') == 'logout') { session_destroy(); header('Location: ' . $_SERVER['PHP_SELF']); die(); } if (get('code')) { if(!get('state') || $_SESSION['state'] != get('state')) { header('Location: ' . $_SERVER['PHP_SELF']); die(); } //Exchange auth_code for token $token = apiRequest(TOKEN_URL, true, array ( 'client_id' => OAUTH2_CLIENT_ID, 'client_secret' => OAUTH2_CLIENT_SECRET, 'grant_type' => 'authorization_code', 'code' => get('code'), 'redirect_uri' => CALLBACK_URL, 'scope' => SCOPE )); $_SESSION['access_token'] = $token->access_token; header('Location: ' . $_SERVER['PHP_SELF']); } if(session('access_token')) { $user = apiRequest(URL_BASE, false, ''); echo '<h3>Logged In</h3>'; echo '<h4>' . $user->username . '</h4>'; echo '<pre>'; print_r($user); echo '</pre>'; echo '<p><a href="?action=logout">Log Out</a></p>'; } else { echo '<h3>Not logged in</h3>'; echo '<p><a href="?action=login">Log In</a></p>'; } // Functions function apiRequest($url, $post, $params) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); if ($post) { curl_setopt($ch, CURLOPT_POST, TRUE); curl_setopt($ch, CURLOPT_POSTFIELDS, $params); } if (session('access_token')) { curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'authorization: Bearer ' . session('access_token'), 'cache-control: no-cache', 'Accept: application/json' )); } $data = curl_exec($ch); return json_decode($data); } function get($key, $default=NULL) { return array_key_exists($key, $_GET) ? $_GET[$key] : $default; } function session($key, $default=NULL) { return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default; } ?> [/CODE] [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Software Development
Programming
PHP/OAuth 2.0 Discord Login Script
Top