Building a custom login for your church website using the API
Background
The Application Programming Interface (API) of Fellowship One provides a way for churches to leverage their own church data within custom-built applications. This tutorial outlines how you can use our API to build a custom login for your church website by authorizing the user based on their WebLink or InFellowship login credentials. This is a 2nd party application, and this post builds upon the foundation laid by Jas Singh here. You will find links to the PHP OAuth library and more detail about 2nd party authorization in his post.
Step 1: Build a login form
First, you will need to build a login form requesting a username and password. If the majority of your church has already converted their WebLink login to an InFellowship login, then you will want to ask for their email address as their username. The authentication is designed to accept either a WebLink or InFellowship username.
Here is an example of the code you would need to use to collect the username and password and also print a login failure message if the credentials submitted do not match what is in your Fellowship One database:
<form action="authenticate.php" method="post">
<p>
<?php
// Show a failure message when authenticate.php redirects back with ?login=failed
if(isset($_GET['login']) && $_GET['login'] == "failed")
    echo '<span style="color:red">Incorrect Username or Password</span>';
?>
<label for="username">Username or Email Address:</label>
<input name="username" id="username" type="text" size="20"/>
</p>
<p>
<label for="password">Password:</label>
<input name="password" id="password" type="password" size="20" />
<input type="submit" value="Log In" name="submit" />
<?php // Escape the redirect value so it cannot break out of the value attribute ?>
<input type="hidden" name="redirect" value="<?php echo isset($_GET['redirect']) ? htmlspecialchars($_GET['redirect'], ENT_QUOTES, 'UTF-8') : ''; ?>"/>
</p>
<p> <a href="https://integration.fellowshipone.com/integration/Conversion/Create.aspx?cCode=[YourChurchCode]" target="_blank">Create Account</a> | <a href="https://integration.fellowshipone.com/integration/loginhelp.aspx?cCode=[YourChurchCode]">Forgot Password?<br />
</a> </p>
</form>
Step 2: Process the submission
Once the user enters login credentials and clicks submit, a form action is required. This is where your church website will need to talk to Fellowship One to see if this user exists and if the credentials are correct. This is done through the API. As part of the authentication process for accessing protected resources, the API needs the username and password separated by a space, then Base64-encoded and URL-encoded. Below is an example script in PHP for submitting the username and password to the API and collecting key user information for use in your own church website. See the comments in the code for explanations:
<?php
//Get these files from the PHP oAuth library
require_once 'OAuth/AppConfig.php';
require_once 'OAuth/OAuthClient.php';

// Create a session
session_start();
$results = array();

//Create an instance of oAuthClient
$apiConsumer = new OAuthClient(AppConfig::$base_url, AppConfig::$consumer_key, AppConfig::$consumer_secret);

//Post the username and password collected on the login page to the request to get an access token
if(isset($_POST["submit"]))
{
    if($apiConsumer->getAccessToken2ndParty($_POST['username'],$_POST['password']))
    {
        //Issue a fresh session ID now that the user is authenticated (guards against session fixation)
        session_regenerate_id(true);
        //Get the token and token secret and store them in the session
        $_SESSION['token'] = $apiConsumer->getToken();
        $_SESSION['tokenSecret'] = $apiConsumer->getTokenSecret();
    }
    else
    {
        session_destroy();
        $_SESSION = array();
        //If the tokens are not given, the authentication failed.
        //The login form reads the redirect url and displays a login failure message
        header('Location:../login.php?login=failed');
        exit();
    }

    //Upon successful authentication, the server will send back a response
    //We want to get the person location from the response
    $responseHeaders = $apiConsumer->getResponseHeader();
    foreach ($responseHeaders as $val)
    {
        $start = 'Content-Location:';
        $contentLocation = substr( $val, 0, 17 );
        if ($contentLocation == $start)
        {
            $personLocation = str_replace($start, "", $val);
            $_SESSION['personurl'] = trim($personLocation);
        }
    }
}
//if no username or password was entered see if there is already a session
else if (isset($_SESSION['token']))
{
    //Initialize the Access Token.
    $apiConsumer->initAccessToken($_SESSION['token'],$_SESSION['tokenSecret']);
}
// if no credentials and no existing session redirect to login page
else
{
    header("Location:login.php");
    exit();
}

$url = $_SESSION['personurl'].".json";

//We want to get some fields from the API and store them in the session for use within our site
$person=$apiConsumer->dorequest($url);
$results = json_decode(strstr($person, '{"person":{'), true);
$_SESSION['iCode'] = $results['person']['@iCode'];
$_SESSION['firstName'] = $results['person']['firstName'];
$_SESSION['lastName'] = $results['person']['lastName'];
$_SESSION['personID'] = $results['person']['@id'];

//Another call to get address information
$resource = AppConfig::$f1_people_address;
$f1_people_address = str_replace('{personID}', $_SESSION['personID'], $resource);
$url = AppConfig::$base_url.$f1_people_address.".json";
$addresses=$apiConsumer->dorequest($url);
$addresses=json_decode(strstr($addresses, '{"addresses":{"address":[{'));
$_SESSION['address1'] = $addresses->addresses->address[0]->address1;
$_SESSION['address2'] = $addresses->addresses->address[0]->address2;
$_SESSION['address3'] = $addresses->addresses->address[0]->address3;
$_SESSION['city'] = $addresses->addresses->address[0]->city;
$_SESSION['stProvince'] = $addresses->addresses->address[0]->stProvince;
$_SESSION['postalCode'] = $addresses->addresses->address[0]->postalCode;

//Store other commonly used fields here

//Take the user to the members area of your website. Put your own path to the members page here
header("Location:members.php");
exit();
?>
Step 3: Add this code to your OAuthClient.php file
public function getAccessToken2ndParty($username, $password)
{
    curl_setopt( $this->connection, CURLOPT_NOBODY, true );
    //register a callback function which will process the response headers
    curl_setopt($this->connection, CURLOPT_HEADERFUNCTION, array(&$this,'readHeader'));
    $requestURL = sprintf( "%s%s", $this->baseUrl, $this->accesstoken_path );

    // SET the username and password
    // Base64 is an encoding, not encryption: the base URL must be HTTPS so the credentials are protected in transit
    $requestBody = Util::urlencode_rfc3986(base64_encode( sprintf( "%s %s", $username, $password)));
    $getContentType = array("Accept: application/json", "Content-type: application/json");
    $requestBody = $this->postRequest($requestURL, $requestBody , $getContentType, 200);

    // Pull the access token and token secret out of the response body
    preg_match( "~oauth_token\=([^\&]+)\&oauth_token_secret\=([^\&]+)~i", $requestBody, $tokens );
    if( !isset( $tokens[1] ) || !isset( $tokens[2] ) )
    {
        // No tokens returned: the credentials were rejected
        return false;
    }
    $this->requestToken = $tokens[1] ;
    $this->tokenSecret = $tokens[2] ;
    return true;
}
Step 4: Send the logged-in user to a member area
Once authentication is complete and key fields are stored, the script redirects the user to a private area of the church website. You now have key data from the API and can easily make calls to retrieve other resources.
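The login form in Step 1 posts a hidden `redirect` field, while the script in Step 2 always sends the user to members.php. If you extend the script to honor that field, validate it first so the login page cannot be used to bounce visitors to another site. The following is an added example, not part of the original post or the Fellowship One library; the function name `safe_redirect_target`, the fallback path and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example (not from the Fellowship One library): accept the posted
// "redirect" value only when it is a path on this site, otherwise fall back.
// safe_redirect_target() and the default path are hypothetical names.

function safe_redirect_target($candidate, $default = '/members.php')
{
    if (!is_string($candidate) || $candidate === '') {
        return $default;
    }
    // Reject control characters (header splitting) and backslashes,
    // which some browsers treat like forward slashes.
    if (preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate)) {
        return $default;
    }
    // Require a single leading slash: "/page.php" is local, "//host" is not.
    if ($candidate[0] !== '/' || (isset($candidate[1]) && $candidate[1] === '/')) {
        return $default;
    }
    // Anything that still parses with a scheme or host is not a local path.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    return $candidate;
}

// Constructed sample inputs: one legitimate target and several that must fall back.
$samples = array(
    '/members/giving.php?year=2012',
    'https://other-site.example/login',
    '//other-site.example/login',
    '/\\other-site.example',
    "/members.php\r\nX-Injected: 1",
    '',
);
foreach ($samples as $s) {
    printf("%-42s => %s\n", json_encode($s), safe_redirect_target($s));
}

// In authenticate.php, the final redirect would then become:
//   $target = isset($_POST['redirect']) ? $_POST['redirect'] : '';
//   header('Location: ' . safe_redirect_target($target));
//   exit();
```

Only the first sample is returned unchanged; every other input resolves to the fallback path.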
Step 5: Build your own integration applications!
As you can see, the API provides churches with an extra layer of intelligence behind the church website and eliminates the need to store any data in a separate web-based database. Single sign-on is just the beginning of the functionality afforded to churches. Using the API, it is possible to replace numerous aspects of WebLink/InFellowship with custom-built applications that remain consistent with the look and feel of the church website.



