Resource [Discord Bot] Verify premium resource purchase

Discussion in 'Spigot Plugin Development' started by SnowGears, Jul 11, 2021.

  1. Hey all!

    If you are a plugin developer with a premium resource and you also run a discord server, I wrote a discord bot to assign a specific role if it is able to validate the user purchased the premium plugin.

    It allows the user to enter a slash command (providing their email) and it will then search the last 3 years (a limit by PayPal) of transactions for that email. If a match is found, it looks for the resource id of the transaction and compares it to the resource id from the config. If that matches, it assigns the discord role set from the config.


    There is also an option for the bot to private message a list of discord admins on your server whenever people try to verify purchases! It also supports multiple premium resources / multiple discord roles!

    Best of all, it also has an option to store a list of previously verified email/resource mappings so that other users can't use someone else's email who already verified for that resource!

    This all allows you to give more tailored support in your discord and only allow people with a verified purchase to access the premium support. You can find all of it on GitHub here! Let me know if you have any questions!
    #1 SnowGears, Jul 11, 2021
    Last edited: Jul 27, 2021
    • Like Like x 7
    • Winner Winner x 4
    • Useful Useful x 2
    • Creative Creative x 1
  2. What if one uses someone else's PayPal? For example, the server is for payers only; my friend bought the plugin, gave me his PayPal email, and then we both joined with it.
    • Agree Agree x 4
  3. Maybe send a verification email to make sure somebody isn't using a payers email. Great idea still!
    #4 OllieJW, Jul 11, 2021
    Last edited: Jul 11, 2021
    • Like Like x 1
    • Agree Agree x 1
  4. That's an option, but it doesn't solve the problem. Friend can just give the verification code back. I'd rather just add every email into a persistent list, and if it's found then just don't let the user in.
  5. But if the buyer gives the friend the code then the buyer cant use it them self
  6. Why not? It's generated every time a person tries to join. So buyer gives the code to the friend, the friend joins, and then the buyer generates another code for the same email and joins as well, since the email is still valid and the code also is.
  7. The bot could restrict the amount of emails per person
  8. Well, then it's just these combined:
    And that definitely would work.
    • Agree Agree x 1
  9. You could also keep a list of “already verified” emails and only allow new verifications. At the end of the day there’s always going to be more things you could do. This is just meant to be a basic check so that a random person who is using a stolen plugin can’t get access. More checks can always be added since it’s open source!
    • Agree Agree x 2
  10. So I may fork it to add something, right? ^^
  11. Absolutely! Or code more optional checks and submit a pull request!
    • Friendly Friendly x 1
  12. I don't know pretty much anything about GitHub (and Python... and Discord API...) but I'll try.
  13. Uh, now, what libraries do I install? I only figured requests and Also my pycharm throws an error when installing dotenv lol
  14. All libraries are in the file
  15. I just pushed a new update that allows for an option to check for previously verified emails. @ZBLL

    #17 SnowGears, Jul 11, 2021
    Last edited: Jul 11, 2021
    • Like Like x 2
  16. Nice job! (y)
  17. I just added logging and a better way to keep the oauth token for paypal alive Cheers!
    #19 SnowGears, Jul 15, 2021
    Last edited: Jul 15, 2021
    • Creative Creative x 1
  18. I am possibly thinking of making a premium resource so I will definitely be using this!
    • Winner Winner x 1