no-translate

Security signature

Generate secret and keep your data safe.
Napisany przez Konstantine
Zaktualizowano 10 miesięcy temu

If you use our User Authentication Mode and you don’t want the pre-chat/offline forms to be displayed in your chat widget, you can still ensure that no one is able to send any random data through your widget. This can be done by generating a special secret and utilizing a security signature on your backend.

To create this signature you need to generate the secret in your HelpCrunch account (Settings page → Security):

When the secret is generated, you can create a signature on you backend with its help. To do that, you need to JSON encode a user data from your request, concatenate it with the secret, make an MD5 hash of it, and add this hash/signature to the init or updateUser method. Here is the PHP example:

 

<?php
    $user = [
        'email' => '[email protected]',
        'name' => 'The Name',
        'user_id' => '12345',
        'phone' => '+49123221312',
    ];
    $signature = md5(json_encode($user) . 'your organization secret');
?>
HelpCrunch('init', 'your organization domain', {
  appId: 'c2c067be-6678-4d0a-8c1c-4f9fad8e4b91',
  user: {
    email: '<?= $user['email'] ?>',
    name: '<?= $user['name'] ?>',
    user_id: '<?= $user['user_id'] ?>',
    phone: '<?= $user['phone'] ?>'
  },
  signature: '<?= $signature ?>'
});

Czy odpowiedzieliśmy na Twoje pytanie?