I have created a bot who works just fine. It’s an Overwatch assistant to check identity of players who participate to contests organised by streamers directly in Twitch chat.
It’s working like a charm on my account, now I would like to “add users” to this bot but I do not know how to enable this bot to others and add the bot to their channel.
I use tmi.js to make this work and I can see a “channels” in the settings.
I went to an idea : do I need to code a frontend to get users oauth-token and store it in a database of users (streamers here)?
I found many tutorials to code and deploy, but I can’t find examples to allow new users to use your bot.
The bot sends /join #channelname it’s then in that channel. So you need to figure out how/the best way for you to instruct your bot to do that
Correct. That is what I would build and have built.
Some people will use a web panel to allow people to login and add a bot.
Other people will let the bot be in the bots own channel, and casters can use !join to make the bot join their own channel.
I prefer the web panel approach since I have other bot controls in the same panel and need oauth permissions for various other things tied to the bot.
The bot at boot can load the channels to join from storage and away you go.
The bot will also need a way to be communciated with to join new channels without fully restarting the bot each time to add a new channel.
The bot sends /join #channelname it’s then in that channel. So you need to figure out how/the best way for you to instruct your bot to do that
The tmi.js seems to handle the login for me you can see below the behaviour of the channels key detailed in their documentation.
Channels to automatically join upon connecting. The rate of joins is controlled by the options.joinInterval option
Therefore I think I will proceed like so Fetch the array of channels I would have stored in db and pass to the bot at startup. I will follow your advice and build a small frontend.
Currently if I add a streamer channel name to this array, he/she can use my bot in chat.
But I can’t see why I do need user’s oauth token to run the bot ?
But that only handles joins at startup, not whilst the bot is running.
You don’t want to have to restart the whole bot every time someone new signs up to use your bot.
You might want to use the API for subscriber status, or the dashboard panel be used by moderators, so you’d need the broadcasters token to get moderator status from the API.
Or use EventSub to get stream online/offline status sent to your system automatically (for !uptime commands for example, why do an API call to get stream status if you already have the start time in your DB) and make the EventSub cost be 0.
Otherwise you are limited to 10k subscriptions. on eventsub, but auth’ed subscriptions are cost 0.
Okay if I understand well, my script is working fine as long as it does not crash or as long I don’t need to add someone else. So to add dynamically users, I do need to build an express server with a POST endpoint like https://my-bot-url.com/join.
So I have to create an application
To sum up
Build a basic front-end with auth (connected with Twitch API to get user’s access_token).
Store user’s oauth token in database and allow dashboard to streamer and moderators.
Add a classic button in dashboard to call the POST /join endpoint on server express (aka the bot) to add the bot to the streamer channel.
Add another classic button in dashboard to call a https://my-bot-url.com/leave to make the bot leave the channel.
Am I right ?
Another question : as I’m working on a Twitch bot, do I have to use a realtime database (like Firebase), or a classic sql is enough ?
I went looking EventSub documentation and I think I will try to connect with websockets but as I don’t really need to be aware if the stream has started or not, I won’t do it in this first step.
I went with Firebase for multiple reasons (but for discovery purpose mainly).
I managed to fetch my “streamers” collection when the bot start, I also made a specific account to my bot. I added a route /join an channel and another one /part to make the bot leave a channel and seems to work properly.
I’m just having some trouble to the connection because I get a permission error when I try to ban someone:
[16:58] info: [#carbow] You don't have permission to perform that action.
Error banning azehoss00313: no_permission
I went by the https://twitchtokengenerator.com/ to grab my access_token and select the scope channel:moderate.
I tryied to fetch programmatically my access_token with OAuth client credentials flow but for some reasons I didn’t managed to pass the token to my client yet because of some bugs.
Do I have to use OAuth client credentials flow when bot login ? or can I pass manually the token in an .env file ? Which scope allow me to ban some ppl if it’s not channel:moderate (Perform moderation actions in a channel. The user requesting the scope must be a moderator in the channel)?
When the token expries you’ll need to use the refresh token to get a new token.
So .env might not be practical since the key will change periodicailly.
Sure use .env for ClientID and Secret (since you need the secret to run refreshs)
But the actual token/refresh token probably does work well in .env as it changes
This will give you a useless user token. As when the user token dies you’ll have to manually give it a new token
You should create your own oAuth flow using your own ClientID. And then seed the bot with a user token/refresh token.
I touched on that here. You really shouldn’t be using someone elses generator for your own tools. If that ClientID gets revoked all your stuff dies
This is the wrong kind of token for a chat bot.
As A Client Creds token does not represent a user.
channel:moderate is the required scope, this lets this key be able to send /ban
However the account will also need to be a mod on the channel you are trying to perfrom moderation actions on.
This indicates that your bot user account is not a mod on carbow
And/or the User Token used omits the channel:moderate scope.
That is the part when my brain is breaking down haha
I’ve made a bot (which is an app technically) but act like a user and has the same auth code flow as a user. I’ve already implemented the OAuth Authorization code flow but with this GET http call (from the bot) but I get redirected and can not grab the access_token which is in url and it’s not in response body.
So I guess I have to
make a front-end
auth the user from the front-end with OAuth authorization code flow (wich is a HTTP GET call) and get redirected to the front-end (I do not know how to grab the token from url in the backend otherwise…).
The user click to a basic button to add the bot to his channel, making a call to my backend /join.
On the join I send this specific token generated by the user in the front to the back-end (bot) and create a client with this token for each user who is signing ?
An “app” is the program in your wording, it would seem.
The program will connect to chat as a user.
So it uses a user token, since it needs to operate as a user.
The App Access Token is only useful for accessing public data and cannot be used to write. (Using chat is write)
You used implicit auth instead of regular code auth.
Should be using the latter for most applications/programs.
Are we talking about getting the bot auth token.
Or the flow to let users sign up to use your bot.
This looks like the latter.
Either way:
Create a web page that has a <a href=""> link to Twitch oAuth
User clicks that link
The accept (or decline) the link
They come back to your website with a ?code
Back end grabs the ?code and exchanges it for a token and refresh token.
User is now logged into your website essentially.
No.
Since your bot is logging into chat as the bot and not as every other user
The chat join command doesn’t need the token just the user name.
Bot logged in as fred
Alice logs into your website and hits the join button
Website tells bot to do a thing
Bot then sends /join #alice
In this example, is the my_bot_token equal to the ?code you are reffering to ? In this case it means, every streamer will send his token to the client.
This looks okay to me, but in this part
I do not see the utility of transmitting the code to the backend for the bot because the bot will be already launched with it’s proper token ?
The code is NOT an OAuth token, it must be exchanged for an Access Token and Refresh Token, which can only be done server-side, as Barry explained.
Once your bot has the users access token, you can then have your bot join the channel associated with that token. You can also periodically check the validity of that connection to your app by the user and if they have revoked access you can have your bot part their channel.
you can see below the behaviour of the 
)
