I’m developing an application on GAE (Google App Engine). This app is a chat bot which users can use in order to access some resources. The problem is that I don’t want any user who knows the app ID to be able to add that chatbot to their contacts, because it manages private information, so I want to restrict access to my domain accounts only. I read the GAE documentation and found this (https://developers.google.com/appengine/docs/python/xmpp/overview#Handling_Subscriptions), but I don’t really know how to apply it. I did something like this:
from google.appengine.ext import webapp
from google.appengine.ext.webapp.util import run_wsgi_app

class SuscribeHandler(webapp.RequestHandler):
    def post(self):
        # 'from' is the full JID (user@domain/resource); keep only the bare JID
        sender = self.request.get('from').split('/')[0]
        domain = sender.split("@")[1]
        if domain == "mydomain.com":
            # Add contact code goes here
            pass

app = webapp.WSGIApplication([
    ('/_ah/xmpp/subscription/subscribe/', SuscribeHandler),
], debug=True)

if __name__ == '__main__':
    run_wsgi_app(app)
You can’t prevent a user from adding your bot to the roster. Per the XMPP docs:
You should simply refuse to respond to messages that come from users not authorized to use your app.
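The advice above, worked out as an added example (my code, not the asker's and not App Engine's own): the sender taken from the request's from field is reduced to a bare JID and only answered when its domain is exactly one of ALLOWED_DOMAINS (an assumed value); the GAE transport is passed in as a callback so the logic runs outside App Engine. In the /_ah/xmpp/message/chat/ handler you would call handle_chat(self.request.get('from'), self.request.get('body'), xmpp.send_message).

```python
# Added example: refuse to respond to XMPP senders outside the allowed domain.
import logging

ALLOWED_DOMAINS = frozenset({"mydomain.com"})  # assumed; use your own Google Apps domain


def bare_jid(jid):
    """Strip the resource ('user@host/resource' -> 'user@host') and lower-case
    the domain part, which is case-insensitive in XMPP. Returns None for a JID
    with no user part (server JIDs, malformed input) so it can never match."""
    bare = jid.split("/", 1)[0].strip()
    if "@" not in bare:
        return None
    local, domain = bare.rsplit("@", 1)
    if not local or not domain:
        return None
    return "%s@%s" % (local, domain.lower())


def is_authorized(jid, allowed=ALLOWED_DOMAINS):
    """True only when the sender's domain is exactly an allowed domain.
    An endswith() check would also accept 'alice@mydomain.com.example.org'."""
    bare = bare_jid(jid)
    if bare is None:
        return False
    return bare.rsplit("@", 1)[1] in allowed


def handle_chat(sender, body, send_reply):
    """Handle one incoming chat stanza. Unauthorized senders are logged and
    dropped without any reply (returns None); authorized ones get a reply
    through send_reply(to, text), which is xmpp.send_message on App Engine.
    Returns the reply text so callers and tests can check it."""
    if not is_authorized(sender):
        logging.warning("ignored XMPP message from unauthorized JID %r", sender)
        return None
    to = bare_jid(sender)
    reply = "Hello %s, you asked: %s" % (to, body)
    send_reply(to, reply)
    return reply
```

Because the from value is just a POST parameter once the request reaches your code, also restrict the /_ah/xmpp/ URLs to admin requests in app.yaml (login: admin) so that only App Engine itself can deliver to these handlers.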