I want to take the user inputs through api.ai(dialog flow) chatbot and store it in MySQL database like asking the user details of name, age, contact num through chatbot and then the user details are to be stored in my database i.e.., MySQL database. After storing, at last, the chatbot should show the summary to the user for confirmation.
I am able to interact and continue the conversation with my chatbot but unable to store the user's inputs.
I was searching at different places but I can't get the right process. I am comfortable with PHP to get the data from api.ai and to store in MySQL database.
Any help would be appreciated.
"Thanks in Advance!"
You need to create a webhook to handle fulfillment from Dialogflow. This will be a publicly accessible URL that can take an HTTPS POST, with a JSON body. In your case, this will be your Heroku URL that you will enter into the Fulfillment tab in Dialogflow.
See https://dialogflow.com/docs/fulfillment for information about the JSON you are sent, the JSON you'll need to reply with, and other information you need to setup fulfillment.
In your PHP code - you can do whatever you want with the data being sent to you, including storing it in MySQL. You'll then send back JSON (see the above URL for the format) indicating how you want to reply to the user.
Related
I am currently building an ETL job in Talend Open Studio, that calls a banking API in order to retrieve customer data. The API works with OAuth 2.0. Using Postman, I can easily get an Access Token, which I then use in Talend to retrieve the customer data in JSON format. However, before I get the access token, the customer whose data I want to pull from the API, has to grant me permission for doing so. Using Postman, this is easy enough, as I get redirected to a page where the customer enters his/her credentials and then gives my App permission to pull the data:
My plan was, to setup the Talend job in a way, that this gets done automatically. My current approach is to use a tRESTClient component which calls the page on above screenshot and enters the credentials. Now there are several options with the tRESTClient component, but none of it works. First I tried to make a GET call with "Use Authentication Basic HTTP", parsing username and password of the user. That does not end with an error, but the response is just the html of the login page itself. When I try to make a POST call parsing the customer credentials to the TRESTClient component in JSON format, I am getting a 400 Bad Request. This is how my component looks in this case:
I also asked that question in the Talend Community forum, but so far no one replied to it. I dont know if I am completely off-trail here?! Any hint would be greatly appreciated, I am struggling with that task for 3 days now...
EDIT: to be more straightforward:Is it possible to perform these 2 steps in Talend alone:
I am trying to redirect my user from a html page to a jsp page which has been deployed on tomcat/webapps using .war file.
While doing so, I am also sending the session information of the user as an hidden parameter via POST method.
With the help of burpsuite tool(security testing tool) one can easily manipulate the cookie and change the username of the user logged in. How will I be able to block such kind of cookie manipulation?
You cannot control/prevent what the browser/client is sending, so do not consider the data received as fact/true. Your application shouldn't just look at the username and say "oh, it's the admin user, I show the whole admin area".
To prevent tampering the data originated from the server or at least detect changes, you use encryption or digital signatures. With encrypted data, it is not possible to change the data. You don't know how to decrypt the data and encrypt the changed data correctly since you don't have the encryption key to do so. With signed data you can still read the data but the signature makes sure that you can detect, if the data has been changed.
In your case, you can use a JWT instead of just the username. The JWT contains a digital signature which is used to check if the data has been changed. Your "testing team" can change the data but your server can see immediately that it has been changed and reject the received (changed) information.
I'm new in IBM Watson Assistant. I have a use case where i have to ask user for their interest. and i need to save the response in db or call some API and post the user response. any how i want to capture user response in my own system.
I have done basic handson on Watson Assistant. Not able to figure out how to save user response in external system.
If the question is What is your favorite Mobile Brand.
Options: Apple , Samsung , Sony
If user Response with Apple. Then I need to save this in my system. So in future i can offer products according to customer interest.
The messages API Response includes everything you'd need. You could store that response in your database each time, or configure your application to only store specific responses (e.g. when a certain intent or entity is detected, since the response includes those data elements).
Put more simply, your application is already controlling the flow of information between the user and the Watson Assistant API, so you're in full control over when and how to capture the API Response data and store it wherever you'd like.
I am currently working on a website using React where I want to be able to have user login. Right now my strategy is to send form data to the server (express) on submit, and if the info matches a user in my DB, the server sends back a signed JWT with no sensitive information (just the username).
Once the client receives the JWT, I am adding it to localStorage as well as adding the decoded data of it to my redux store. I plan to have my redux store holding the currently logged in user.
I believe there may be a security issue in my site because currently I have it so when the user first arrives at the site, If there is a JWT, it is added to my axios headers and the decoded JWT is set to be the current user. The code looks like this:
if(localStorage.jwtToken) { // If token present, most likely a user is signed in
setAuthorizationToken(localStorage.jwtToken) // Set that token to head all api calls
store.dispatch(setCurrentUser(jwt.decode(localStorage.jwtToken))) // Set user in redux store
}
Currently I've found that if someone just goes into my localStorage, copies my JWT and adds it to their localStorage then bam, they are me. I'm unsure if this is really a security flaw because the only way I've recreated this myself is by physically copying the token from one browser to another. But in general this seems very unsafe that just taking my token steals my identity.
If anyone knows a way to make this more secure or if there is a better strategy, or at least tell me what I'm doing wrong that would be highly appreciated.
How can another person get your token? Give expire time to token needed. Maybe try different way for securing token, especially give more security in API side. When logging in, store log activity in database and create unique field to identificate it such ip address or user-agent, or maybe detect is that user have been hit login endpoint before or not.
My web site has an opt-in form for user's email addresses. The form will have fields such as name, email and phone number.
Upon submission, I would like the data to also be inserted into my MySQL database.
However, I would also like the email address to be added to an AWeber email subscriber list.
Is this possible?
Yes, it is posible to store the data in a database.
Posting data via a 3rd party script is against Awebers Terms of Service. So it is necessary to take another route.
The way to do it is to allow your user to submit their information to Aweber via the JavaScript form, but choose the setting to request that Aweber send the user information back to you, via your thank you page.
You can use the thank you page to store the user data in your database.