phpsession-cookieshybridauth

How to login/logout with Hybridauth 3?


I can login/auth the user with Hybridauth3 lib. Here is my code:

session_name("authSession");
session_start();
include 'hybridauth/src/autoload.php';
$config = [
    'callback' => "https://***/loginRead.php",
    'providers' => [
        'Twitter' => [],"includeEmail" => true],
        'Google'   => [], 
        'Facebook' => []   
    ],
];

$authName = "Facebook";
if(isset($_REQUEST['provider'])){

    $provider = strtolower($_REQUEST['provider']);
    switch ($provider) {
        case 'google':
            $authName = "Google";
            break;
        case 'facebook':
            $authName = "Facebook";
            break;
        case 'twitter':
            $authName = "Twitter";
            break;
    }
    $_SESSION['provider'] = $authName;

    $hybridauth = new Hybridauth\Hybridauth( $config ); 
    $adapter = $hybridauth->getAdapter($authName);
    $user = $adapter->authenticate();
    $userProfile = $adapter->getUserProfile();

}
    // this part is for this callback https://***/loginRead.php from config
    if(isset($_SESSION['HYBRIDAUTH::STORAGE']) && count($_SESSION['HYBRIDAUTH::STORAGE'])>=1){

        $provider = $_SESSION['provider'];
        $hybridauth = new Hybridauth\Hybridauth( $config ); 
        $adapter = $hybridauth->getAdapter($provider);
        $user = $adapter->authenticate();
        $userProfile = $adapter->getUserProfile();
    }

    if(isset($_GET['loginExit'])){
        $adapter->disconnect();
        $hybridauth->disconnectAllAdapters();
        session_destroy();
        header("Location:test.php");
        exit();
    }

    echo '<img src="'.$userProfile->photoURL.'"><br>';
    echo $userProfile->identifier.'<br>';
    echo '<a href="?loginExit">Exit</a>';

But I am pretty sure that I am not using it right. As I am saving the provider in session for the second redirect, but there must be way to get the provider name with Hybridauth api or maybe there is no need to do that? How to auth the user with [HYBRIDAUTH::STORAGE] without knowing the privider name? Is there any good 100% working example for the 3 version or etc? Thanks


Solution

  • As @Anar Bayramov points out, there are some examples, although you probably want to look at the official repository examples instead. They also have some prettier online documentation for Hybridauth if you prefer that over just the code examples.

    If you want to use session storage via the Hybrid 'API', then you want to access via the Storage\Session class instead of trying to manipulate the session directly. Broadly speaking, having a library have their own access method and you trying to skip it to talk to the session directly is going to result in some pretty funky, hard to debug problems.

    If you use the Hybridauth Session accessor to store the provider type, then you'll be able to load the correct one from their session storage instead of your own.

    Final note, as of writing this answer Hybridauth v3 is in active development but is marked as beta and potentially unsuitable for production use. v2.9.6 is the current stable release.

    Sidebar

    There's a baisc PHP syntax error in the definition of $config in the OP, so that code is is never going to work. You should probably be loading the library via Composer as well - it will make your life easier for any PHP application. The "which provider do I use" code seems a bit contrived/roundabout when there are simpler ways of writing the same code, but it should do the trick.