Github Login
Github has become a very popular social login on websites related to programming and development. Github itself is a big storehouse of opensource projects and community of developers.
Github oAuth documentation can be found at http://developer.github.com/v3/oauth/.
Register website with Github oAuth
The first thing to do would be to register your website with github. Login into your github account, go to settings > application and click "Register a New Application"
Check the screenshot
After registering your website, you get a Client Id and a Client Secret. Those are important values to use in the next steps.
github_login.php
Now lets code the github_login.php that will reside on your website, and will contain the code to let a user login using his github account.
The code can be like this
function signup_github() { $client_id = 'your_client_id'; $redirect_url = 'your_callback_url'; //login request if($_SERVER['REQUEST_METHOD'] == 'GET') { $url = "https://github.com/login/oauth/authorize?client_id=$client_id&redirect_uri=$redirect_url&scope=user"; header("Location: $url"); } }
The above code redirects the user to github oauth authorisation page. Over there the user has to first login (if he is not already), and then give the decision whether to allow github to share information with your site or not.
The github oauth url is https://github.com/login/oauth/authorize and it takes a few parameters. The redirect_uri must be the callback url provided while registering the application. It can be empty, but must not be anything else. The scope defines what level of access our website needs over the user's account at github. scope=user will allow to fetch the user's email address from github.
Once the user authorises github, then github will redirect back to the callback url with a code. This code can be used to perform more api queries.
public function signup_github() { $client_id = 'your_client_id; $redirect_url = 'your_callback_url'; //get request , either code from github, or login request if($_SERVER['REQUEST_METHOD'] == 'GET') { //authorised at github if(isset($_GET['code'])) { $code = $_GET['code']; //perform post request now $post = http_build_query(array( 'client_id' => $client_id , 'redirect_uri' => $redirect_url , 'client_secret' => 'your_client_secret', 'code' => $code , )); $context = stream_context_create(array("http" => array( "method" => "POST", "header" => "Content-Type: application/x-www-form-urlencodedrn" . "Content-Length: ". strlen($post) . "rn". "Accept: application/json" , "content" => $post, ))); $json_data = file_get_contents("https://github.com/login/oauth/access_token", false, $context); $r = json_decode($json_data , true); $access_token = $r['access_token']; $url = "https://api.github.com/user?access_token=$access_token"; $data = file_get_contents($url); //echo $data; $user_data = json_decode($data , true); $username = $user_data['login']; $emails = file_get_contents("https://api.github.com/user/emails?access_token=$access_token"); $emails = json_decode($emails , true); $email = $emails[0]; $signup_data = array( 'username' => $username , 'email' => $email , 'source' => 'github' , ); signup_login_user($signup_data); } else { $url = "https://github.com/login/oauth/authorize?client_id=$client_id&redirect_uri=$redirect_url&scope=user"; header("Location: $url"); } } }
When the code is received, a POST request has to be made to https://github.com/login/oauth/access_token to get an access token, that shall be used to access the api.
After the access token is available, a simple get request is made to
It returns basic information about the user, like his login id, gravatar link etc. But it does not have the email address of the user.
To get the email address, another request has to be made to the api function user/emails like this
This returns the email address of the user.
Signup and Login the user on website
Now the username and email is available, which is the bare minimum necessary to register the user on the system. The function signup_login_user shall take the user data and perform the signup and login.
Flow is as follows
1. Check if email already registered, if yes goto step 3.
2. Signup the user by saving his email, username and password in users table.
3. Login the user by saving session information.
That completes the "Login with Github" process.
Have you checked the code? A lot of things don’t seem to work.
this is really old code. i have not updated it in a long time.
you will probably need to check the docs for the latest working version
Nice work it is helpful for me
It’s often better to end php process with an exit() (or the suited function of your framework if there’s a post action activity) after a header that’s supposed to be the only content of the HTTP response.
Hi…
I need this signup_login_user($signup_data); method code also.Can u any one update?
The signup_login_user is your own application function that will first save the user information in the database then login the user by setting the correct session data.
Check this tutorial for more examples
http://www.codekites.com/php-code-google-openid-login/
Are there some form to login in a github account inside my website, without redirect to github login page???
the login process must redirect to the github website, unless it directly asks for the username/password.
I imagine you could put it in an iframe, but the whole point is that you redirect to github so they can do the authentification so you dont have to