River documentation

River documentation

  • Documentation
  • Blog

›User Authorization

User Authorization

  • User Authorization

Error Handling

  • Error Handling

PUSH-notifications

  • Handling PUSH-notifications

Handling Updates

  • Handling Updates

Pagination

  • Pagination

Message Drafts

  • Message Drafts

Encryption

  • Encryption

API methods

  • Available method list

Client Optimization

  • Client Optimization

Uploading and Downloading

  • Uploading and Downloading

User Authorization

Authorization is correlated with a client’s encryption key identifier: auth_id int 64. Additional parameters do not require to be passed into methods following authorization.

Sending a verification code

In order to authorize the user, a text message comprising an authorization code needs to be sent to the user's phone. We've provided this by using authSendCode constructor. Possible ways that the system will automatically choose how to send the authorization code are as follows:

  • River code
  • SMS code

The send_code method also has parameters for passing an SMS token that will be included in the sent SMS. For example, the latter is required in newer versions of Android, to use the android SMS receiver APIs.

With the SMS Retriever API, you can perform SMS-based user verification in your Android app automatically, without requiring the user to manually type verification codes, and without requiring any extra app permissions. When you implement automatic SMS verification in your app, the verification flow looks like this:

SMS Verification

The returned authSendCode object will send multiple parameters:

Method NameTypeDescription
PhoneCodeHashStringPhone code hash, to be stored and later re-used with sign_in
Sendtophone

The auth.resendCode method will be invoked if the message takes too long to arrive at the phone to resend the code by checking the phoneCodeHash parameter.

Sign in/sign up

As the user enters the verification code, the sign_in method will be employed to validate and sign in the user. If the user was registered, login will happen. Login method parameters are shown bellow:

Method NameTypeDescription
PhoneDigit5 random digit including SMS or Push
PhoneCodeHashStringPhone code hash, to be stored and later re-used with sign_in

Otherwise, the method might return SignUp method and ErrCodeUnavailable = “E02": ErrItemPhone = “PHONE” error. It means that the account with this phone number doesn't exist yet and the user should sign up. Since then, the user needs to provide basic information, accept terms of service and then the new user registration method, sign_up, must be invoked. Register method parameters are shown bellow:

Method NameTypeDescription
Phone
PhoneDigit5 random digit including SMS or Push
PhoneCodeHashStringPhone code hash, to be stored and later re-used with sign_in
FirstNameString
LastNameString

We are authorized

The client key, auth_id, will associate with the user due to authorization. Then, each subsequent API call with this key will be executed with that user's identity. The authorization method itself returns the relevant user.

Error Handling →
  • Sending a verification code
  • Sign in/sign up
  • We are authorized
Copyright © 2020 RonakSoftwareGroup