Swordy Bot - Discord Oauth + Paywall + Role management
I’m finally comfortable sharing this new version, since anyone can use it - not just crypto-savvy nerds like me. Maybe one day the RW community will use it for our own Discord
- Discord Oauth creates a new User in the Swordy Bot database
- Redirect user to the Unlock Protocol paywall to purchase a specific NFT (everyone knows what an NFT is right?). If they don’t have a crypto wallet, they can create one easily with email & password.
- Redirect back to Swordy Bot with a message signature, which allows me to verify they actually own this wallet.
- I use their wallet address to check if they have the correct NFT. If so, I grant them a specific role in the Discord server, so they can access more channels.
This release is accompanied by updates to the RedwoodJS Ethereum Auth library to support up to RedwoodJS v0.36, and hopefully will all the way to RedwoodJS v1.0
There is a frontend component, but most users never have to click anything- only on the external paywall site. However, Discord server managers get to see the “admin dashboard” which looks like this:
While the latest version isn’t open source, I just released version 1 so that others may learn and benefit from my previous work. You should not expect this to work out-of-the-box, but rather use it as an example and a learning tool. Here are my takeaways from V1:
- Most important! Don’t split the app logic between the Heroku Discord Bot and the RedwoodJS app. Instead, the Heroku Discord Bot should be as “dumb” as possible, and simply act as a messenger between Discord and the RedwoodJS app.
- I did not implement Discord OAuth in V1, but rather my own solution for verifying ownership which requires DM’ing. Using the Discord Oauth is a better solution overall in terms of UX, and is harder to break, despite being much more work to implement.
- The V1 bot requires DM’ing the user a unique link to verify ownership. This is an anti-pattern, since many users disable DM’ing from other server participants to prevent spam, which means the bot simply appears “broken” to this set of users.
- Don’t even try to do any kind of complex “command-line” style bot interactions… Its terrible UX and everyone will be asking for help. V1 requires Discord server managers to update roles by typing something like
!add <token-address> <chain Id> <role-name>. It is simply unreasonable to expect non-techie people to use a command line. The only successful consumer-facing “CLI-like” experience I’ve used is AI chat-bots. So unless you plan on spending TONs of time adding AI to your bot, just make a damn frontend to actually visualize what they are doing. (I can feel spicy tweets incoming!)
- Open-sourced version 1: https://github.com/pi0neerpat/swordy-bot
- Website: https://swordybot.com
- Announcement tweet: https://twitter.com/swordybot/status/1437495732206927875?s=20
- Docs: ⚔️ Set Up - One Click Dapp
- Unlock Protocol (paywall NFT solution): https://unlock-protocol.com
Big thanks to everyone for answering questions in the chat! RW to the moon