
How to check customer login authentication in bigcommerce through PHP

Written by     on    30 Nov, 2021     0      

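This is one way to do it. Note that the example request URL in the script carries the customer's password in the query string, where web-server logs and browser history record it, so treat the script as a test harness rather than a production endpoint: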

<?php
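// Request URL used in this walkthrough (constructed example):
//   http://your_domain/login.php?l=en-us&email=<customer email>&pass=<password>
// A password in the query string is written to web-server and proxy logs and to
// browser history. The same two fields are therefore also accepted in a POST
// body, which is the form to use for anything beyond a local test (over HTTPS).

// Read one credential field, POST first and then GET. A value that is missing,
// empty, or not a string (e.g. email[]=x arrives as an array) yields ''.
$readField = static function (string $name): string {
    foreach ([$_POST, $_GET] as $source) {
        if (isset($source[$name]) && is_string($source[$name]) && $source[$name] !== '') {
            return $source[$name];
        }
    }
    return '';
};

// Both default to the empty string: there is no built-in fallback password, and
// $email is always defined even when the request carries no credentials.
$email = $readField('email');
$pass = $readField('pass');


// Change these to your BigCommerce store credentials. The placeholders are for
// the article only; load the real token and client secret from the environment
// or a config file outside the web root rather than keeping them in source.
$store_hash = "your_store_hash";
$bc_token = "your_bc_token";
$bc_client_id = "your_bc_client_id";
$bc_client_secret = "your_bc_client_secret";
$bc_store_url = "your_bc_store_url";
$api_url = 'https://api.bigcommerce.com/stores/'.$store_hash.'/';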

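/**
 * Send one request to the BigCommerce API and return the raw response body.
 *
 * The request is authenticated with the X-Auth-Token and X-Auth-Client
 * headers, built from the globals $bc_token and $bc_client_id.
 *
 * @param string $method HTTP method. "POST" and "PUT" send $data as the request
 *                       body; any other value is sent as a GET.
 * @param string $url    Full request URL.
 * @param mixed  $data   Body for POST/PUT (the callers in this script pass a JSON
 *                       string), an array of query parameters for GET, or false
 *                       for none.
 *
 * @return string Raw response body. The script terminates with
 *                "Connection Failure" if the transfer fails or the body is empty.
 */
function callAPI($method, $url, $data){
    global $bc_token, $bc_client_id;

    $curl = curl_init();
    switch ($method) {
        case "POST":
            curl_setopt($curl, CURLOPT_POST, 1);
            if ($data) {
                curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
            }
            break;
        case "PUT":
            curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
            if ($data) {
                curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
            }
            break;
        default:
            if ($data) {
                $url = sprintf("%s?%s", $url, http_build_query($data));
            }
    }

    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_HTTPHEADER, [
        'Accept: application/json',
        'Content-Type: application/json',
        'X-Auth-Token: '.$bc_token,
        'X-Auth-Client: '.$bc_client_id,
    ]);

    // Every call carries the store API token, and the validate call carries a
    // customer password, so the peer certificate and host name must be checked.
    // With verification off, anyone on the network path can read or alter both.
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);

    // Bound the wait so a stalled upstream cannot pin the PHP worker.
    curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($curl, CURLOPT_TIMEOUT, 30);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

    $result = curl_exec($curl);
    // Release the handle before any early exit.
    curl_close($curl);
    if (!$result) {
        die("Connection Failure");
    }
    return $result;
}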

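/**
 * Build the storefront sign-in URL for a customer.
 *
 * Creates an HS256-signed JWT for the "customer_login" operation and appends it
 * to <store url>/login/token/. The store URL and store hash come from the
 * globals $bc_store_url and $store_hash.
 *
 * The returned URL embeds a signed login token for $customer_id, so handle it
 * like a credential: hand it only to the client that just authenticated, over
 * HTTPS, and keep it out of logs.
 *
 * @param string     $client_id     API client id, written to the "iss" claim.
 * @param string     $client_secret API client secret, used as the HMAC-SHA256 key.
 * @param int|string $customer_id   Customer id, written to the "customer_id" claim.
 *
 * @return string Sign-in URL ending in the three-part JWT.
 */
function customer_login_jwt($client_id, $client_secret, $customer_id){
    global $bc_store_url, $store_hash;

    // base64url without padding: '+' -> '-', '/' -> '_', trailing '=' dropped.
    $base64Url = static function ($raw) {
        return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
    };

    $header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
    $payload = json_encode([
        "iss" => $client_id,
        "iat" => time(),
        // Fresh random token id from the CSPRNG for every token.
        "jti" => bin2hex(random_bytes(32)),
        "operation" => "customer_login",
        "store_hash" => $store_hash,
        "customer_id" => $customer_id
    ]);

    $signingInput = $base64Url($header) . "." . $base64Url($payload);
    $signature = hash_hmac('sha256', $signingInput, $client_secret, true);
    $jwt = $signingInput . "." . $base64Url($signature);

    // Join with exactly one slash, whether or not the configured store URL
    // already ends in one.
    return rtrim($bc_store_url, '/') . "/login/token/" . $jwt;
}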

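// Look the customer up by e-mail, validate the submitted password against the
// BigCommerce "validate" endpoint, and on success return the customer's profile
// together with a sign-in URL.
//
// This script tells the caller whether a password is valid for an account, so
// it needs request throttling or lockout in front of it before it is exposed.

// One failure answer for every rejected attempt: unknown e-mail and wrong
// password must look the same, otherwise the response reveals which addresses
// have an account.
$res = array(
    "success" => false,
    "message" => "Your email address or password is incorrect. Please try again."
);

// Tolerate missing or non-string input so the lookup below never runs on an
// undefined variable.
$email = (isset($email) && is_string($email)) ? $email : '';
$pass = (isset($pass) && is_string($pass)) ? $pass : '';

if ($email !== '' && $pass !== '') {
    // The address is request input: encode it so it cannot add its own query
    // parameters (extra filters) to the Customers API call.
    $customers = callAPI('GET', $api_url.'v3/customers?email%3Ain='.rawurlencode($email), false);
    $customers = json_decode($customers, true);

    $cobj = null;
    if (is_array($customers) && !empty($customers['data'][0]) && is_array($customers['data'][0])) {
        $cobj = $customers['data'][0];
    }

    // Only continue when the first record is exactly the address that was asked for.
    if ($cobj !== null && isset($cobj['id'], $cobj['email']) && $email === $cobj['email']) {
        $customer_id = (int) $cobj['id'];

        // Customer Passwords (Validate a Password)
        $password = array("password" => $pass);
        $is_password = callAPI('POST', $api_url.'v2/customers/'.$customer_id.'/validate', json_encode($password));
        $is_password = json_decode($is_password, true);

        // Accept only a literal boolean true from the API; a missing or
        // malformed answer counts as a failed check.
        if (is_array($is_password) && isset($is_password['success']) && $is_password['success'] === true) {
            // The sign-in URL carries a login token for this customer: return it
            // only in this response and do not log it.
            $login_url = customer_login_jwt($bc_client_id, $bc_client_secret, $customer_id);

            $res = array(
                "success" => true,
                "message" => "Successfully Logged in",
                "id" => $cobj['id'],
                "company" => $cobj['company'] ?? null,
                "first_name" => $cobj['first_name'] ?? null,
                "last_name" => $cobj['last_name'] ?? null,
                "email" => $cobj['email'],
                "phone" => $cobj['phone'] ?? null,
                "customer_group_id" => $cobj['customer_group_id'] ?? null,
                "login_url" => $login_url
            );
        }
    }
}

// The dump goes into an HTML page and contains customer-supplied fields (name,
// company, ...), so escape it before printing.
echo "<pre>";
echo htmlspecialchars(print_r($res, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');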
?>