Skip to main content

Enable Server Side User Authentication

Server-side user authentication in the LikeMinds SDK ensures secure and reliable user verification by handling authentication on the backend. It protects sensitive user data, prevents unauthorized access, and enables seamless session management. This approach enhances security while providing a smooth integration experience for developers.

Prerequisites

For each tech stacks below, LikeMinds Feed SDK should be integrate using the Getting Started Guide.

Steps to Enable Server-Side User Authentication

Step 1: Create an API on your Server to start a User Session with LikeMinds

Create a new API on your backend server that will handle user authentication with LikeMinds. This API should call the LikeMinds Initiate API to create a new user session. The Initiate API will return an accessToken and refreshToken that will be used to authenticate subsequent requests to the LikeMinds SDK.

Step 2: Create a function on Frontend to get tokens

Create a function to get accessToken and refreshToken from your backend using Initiate API.

suspend fun getTokens():Pair<String,String>{
  // your implementation to fetch LikeMinds Authentication Tokens

  return Pair(accessToken, refreshToken)
}

Step 3: Create an instance of LMFeedCoreCallbacks

While setting up LikeMinds Feed SDK in onCreate() method of the Application class, extend LMFeedCoreCallback and pass the instance of the same in LMFeedCore.setup()

val application = this
val theme = LMFeedTheme.SOCIAL_FEED
val enablePushNotifications = false
val deviceId = null
val domain = "ENTER YOUR DOMAIN HERE"

val lmFeedCoreCallback = object : LMFeedCoreCallback {
    override fun onAccessTokenExpiredAndRefreshed(
        accessToken: String,
        refreshToken: String
    ) {
        Log.d("Example","accessToken: $accessToken, refreshToken: $refreshToken")
    }

    override fun onRefreshTokenExpired(): Pair<String?, String?> {
        return runBlocking{
          getTokens()
        }
    }
}

LMFeedCore.setup(
    application = application,
    theme,
    enablePushNotifications = enablePushNotifications,
    deviceId = deviceId,
    domain = domain,
    lmFeedCoreCallback = lmFeedCoreCallback
)
info

LMFeedCoreCallback has two callbacks:

  1. onAccessTokenExpiredAndRefreshed(): This callback is triggered when the provided accessToken expires and is refreshed internally using the refreshToken.
  2. onRefreshTokenExpired() This callback is triggered when the provided refreshToken expires. In this case, you need to provide a new accessToken and refreshToken from your backend server using our initiate API.

Step 4: Send the received token to LikeMinds SDK

Upon receiving the accessToken and refreshToken from your backend server, call LMFeedCore.showFeed() function with these tokens.

val context = this // instance of context
val accessToken = "RECEIVED ACCESS TOKEN"
val refreshToken = "RECEIVED REFRESH TOKEN"

val successCallback = { response : UserResponse? ->
    //user session initiated successfully, write your logic here
    Unit
} // callback triggered when the initiate user call is successful

val failureCallback = { errorMessage ->
  Log.e("Example", errorMessage)
  Unit
} // callback triggered when the initiate user call fails

LMFeedCore.showFeed(
    context = context,
    accessToken = accessToken,
    refreshToken = refreshToken,
    success = successCallback,
    error = failureCallback
)

Conclusion

After completing these steps, your application will be configured with server-side user authentication for the LikeMinds SDK. This setup provides:

  • Secure user verification through backend authentication
  • Protected sensitive user data
  • Seamless session management
  • Automatic token refresh handling

Make sure to test the authentication flow thoroughly in your development environment before deploying to production.