From Habari Project

Jump to: navigation, search

Socialauth is a feature that allows plugins to use data from the user's social networks to identify him, for example in order to allow him to write a comment. It is not limited to social networks, for example there is also a GitHub plugin (githubauth).



If you just want to use social plugins, this section is for you. See below if you are a developer and want to extend plugins or build new ones. The demonstration plugins are well-documented.

Socialauth is designed in a way that allows a maximum of flexibility and compatibility. That means there is no single Facebook or Twitter plugin - you might need to use more than one plugin to get everything you want. In return you could an application that fits your needs exactly and will not consume extra resources for features you don't need - following the concept of Habari itself.

Please note that there are also plugins that offer social services but do not use the socialauth feature.

In a socialauth scenario, you will need at least two plugins: One that provides the actual authorization and one that uses it. For example, you might want to offer your site's users to login into admin with their social account. For that, you will do the following:

1. Install a plugin that offers authoriziation, for example googleauth. 2. Install the socialadmin plugin and activate both. 3. Get the required API keys and enter them in the auth plugin. For Google, you would have to create an application to retrieve application keys. That is because most services limit access to their API in one way or another.

You're done! The socialadmin will use a hook every socialauth plugin must implement to see which auth services are available. It will then display a link on your login form that will redirect you to your social service to login. That method is called OAuth - you propably have seen it before when using Apps with your social networks.

Providing Auth API specification

Plugins providing socialauth have to implement several hooks to work with other plugins. The hooks use the global Habari system of filters and actions.


Make your service globally known. The following codes is an example as used for GitHub. It checks if the plugin is properly configured before it adds the service to the list. That way you make sure your plugin cannot be used until it is actually working.

public function filter_socialauth_services($services = array())
	$opts = Options::get_group( __CLASS__ );
	if(isset($opts['client_id']) && isset($opts['client_secret'])) {
		// If those are not set, it's of no use to make this plugin public
		$services[] = $this->service;
	return $services;


public function theme_socialauth_link($theme, $service, $paramarray = array())

This function must return a URL (without HTML tag) that will redirect the user to the service to identify/login there.


Pass standardized identification data to plugins:

Plugins::act('socialauth_identified', $service, $userdata);

$service being a value identifying the social network used, for example "Google". It is recommended to simply use the normal writing of that service. You should store that value in a constant at the beginning of your class.

$userdata being an array like the following:

array Array
  [id] => 12345678901234567890
  [name] => Mike Unknown
  [email] => mike.unknown@gmail.com
  [portrait_url] => http://foo.bar/image.jpg

where portrait_url is optional. The array may contain more values but those might be unused by plugins using the socialauth feature.


Currently no requirements.


The following plugins provide the socialauth feature:

  • googleauth
  • githubauth
  • facebookauth

The following plugins require and use the socialauth feature:

  • socialregistration
  • socialadmin
  • socialcommentauth
Personal tools