Login Widget
We verify the authentication and integrity of the received data by comparing the received hash parameter to the hexadecimal representation of the HMAC-SHA-256
signature of the data validation string with the SHA256
hash of the bot token used as the secret key. Details here
🚀 A complete code example is available at this page
Example
<?php
$user = $bot->validateLoginWidget(
user: [
'auth_date' => 1679130118,
'first_name' => 'Сергій',
// other fields
],
throw: true
);
💡 Upon successful validation, the method will return all existing user data that can be used on your server.
Parameters
user
- Type:
array
- Required: Yes
An array of raw user data returned by the authorization widget.
throw
- Type:
bool
- Required: No
- Default:
null
. Default settings apply
If set to true
, the library will throw an exception if validation fails.
Warning
Be sure to use try/catch
if you plan to handle exceptions 😉
If exceptions are enabled, you will get a [ValidationException] exception after a validation failure(../exception/validation.md). Otherwise, false
will be returned.