Learn more about Israeli war crimes in Gaza, funded by the USA, Germany, the UK and others.

Nativité 2017: creating a Facebook Messenger bot

A few days ago I described Nativité, a pastoral Christmas game which I made last year.. I’m updating it for 2017, switching from SMS notifications to a Facebook Messenger bot. Here’s the latest game:

Last year, I used Firebase. This was mostly an excuse to try out Firebase. I found Firebase pleasant, but also quickly found its limitations. I wanted to send SMS messages on custom server-side events, and couldn’t figure out how to do this in a secure manner. I ended up making client-side calls to an external server to fulfil this, which is a horrible hack!

It also turns out SMS is expensive. There are four sheep in the game; each sheep moved a minimum of twelve times; and each move sends an SMS to the four girls and to me. I was using AWS SNS to send messages, which at the time was charging around 10c for each message to France. That’s a minimum of 4 × 12 × 5 × 10c = $24 in messaging costs! (Today’s SNS pricing for SMS is much cheaper and more uniform: around 0.64c per message to anywhere. But this is still expensive.)

When I was making Nativité last year, I was in Dedham, deepest rural Essex. Testing SMS required waving my phone around in the garden, freezing, trying to attract the attention of some distant cell tower. I would receive a few dozen test messages at once, and see my AWS bill grow a few dollars. (Since then, I’ve discovered “WiFi calling”, which seems to magically transfer cellular data over WiFi. But I didn’t know about it then!)

If instead I were to use Facebook Messenger, the end-user experience would be more pleasant, my bill would be $0, and I could test anywhere with an internet connection. So I did that.

To make a Facebook bot, I needed to switch out “serverless” for a more standard setup (Heroku for the server-side, Netlify for the client-side, and Pusher for some realtime magic). After reimplementing everything, the new client is hosted at https://nativite-2017.lantreibecq.com/.

A Facebook Messenger bot is a Facebook App with the Messenger product added to it. Mine is app 299278960590947. But I don’t think end-users see Facebook Apps directly. Instead, Facebook Messenger bots communicate via a Facebook Page: if you own both the app and the page, you can give the app permission to communicate via the page. The Page for Nativité is TheChristChild (it was surprisingly hard to find a free unique name). Facebook Pages have Messenger accounts which users can send messages to; here is the Messenger account for TheChristChild.

Pages can’t initiate conversations. Users have to send a message to a Page before it can reply. I’m using this as a “subscription” mechanism; anyone sending a message to TheChristChild is subscribed to all updates.

Facebook Apps have a review process. Before an App/Page can interact with the public, it must have gone through review. An exception to this is a list of “testers” which can be added to the app. Surprisingly, it seems that a user does not have to give permission to be added as a tester. So I added my partner and all her family as testers.

Oh, I also added a little crown to the sheep that’s currently winning. That’s all for this year.

Tagged .

Similar posts

window.ai hello world
2024-06-29
Interactive Turing patterns in WebGPU
2024-05-29
WebGPU hello world in 2024
2024-05-25
What is Monte Carlo integration?
2024-04-24
How to escape JavaScript for a script tag
2024-04-24
On that flickering blur in Chrome
2024-04-23

More by Jim

What does the dot do in JavaScript?
foo.bar, foo.bar(), or foo.bar = baz - what do they mean? A deep dive into prototypical inheritance and getters/setters. 2020-11-01
Smear phishing: a new Android vulnerability
Trick Android to display an SMS as coming from any contact. Convincing phishing vuln, but still unpatched. 2020-08-06
A probabilistic pub quiz for nerds
A “true or false” quiz where you respond with your confidence level, and the optimal strategy is to report your true belief. 2020-04-26
Time is running out to catch COVID-19
Simulation shows it’s rational to deliberately infect yourself with COVID-19 early on to get treatment, but after healthcare capacity is exceeded, it’s better to avoid infection. Includes interactive parameters and visualizations. 2020-03-14
The inception bar: a new phishing method
A new phishing technique that displays a fake URL bar in Chrome for mobile. A key innovation is the “scroll jail” that traps the user in a fake browser. 2019-04-27
The hacker hype cycle
I got started with simple web development, but because enamored with increasingly esoteric programming concepts, leading to a “trough of hipster technologies” before returning to more productive work. 2019-03-23
Project C-43: the lost origins of asymmetric crypto
Bob invents asymmetric cryptography by playing loud white noise to obscure Alice’s message, which he can cancel out but an eavesdropper cannot. This idea, published in 1944 by Walter Koenig Jr., is the forgotten origin of asymmetric crypto. 2019-02-16
How Hacker News stays interesting
Hacker News buried my post on conspiracy theories in my family due to overheated discussion, not censorship. Moderation keeps the site focused on interesting technical content. 2019-01-26
My parents are Flat-Earthers
For decades, my parents have been working up to Flat-Earther beliefs. From Egyptology to Jehovah’s Witnesses to theories that human built the Moon billions of years in the future. Surprisingly, it doesn’t affect their successful lives very much. For me, it’s a fun family pastime. 2019-01-20
The dots do matter: how to scam a Gmail user
Gmail’s “dots don’t matter” feature lets scammers create an account on, say, Netflix, with your email address but different dots. Results in convincing phishing emails. 2018-04-07
The sorry state of OpenSSL usability
OpenSSL’s inadequate documentation, confusing key formats, and deprecated interfaces make it difficult to use, despite its importance. 2017-12-02
I hate telephones
I hate telephones. Some rational reasons: lack of authentication, no spam filtering, forced synchronous communication. But also just a visceral fear. 2017-11-08
The Three Ts of Time, Thought and Typing: measuring cost on the web
Businesses often tout “free” services, but the real costs come in terms of time, thought, and typing required from users. Reducing these “Three Ts” is key to improving sign-up flows and increasing conversions. 2017-10-26
Granddad died today
Granddad died. The unspoken practice of death-by-dehydration in the NHS. The Liverpool Care Pathway. Assisted dying in the UK. The importance of planning in end-of-life care. 2017-05-19
How do I call a program in C, setting up standard pipes?
A C function to create a new process, set up its standard input/output/error pipes, and return a struct containing the process ID and pipe file descriptors. 2017-02-17
Your syntax highlighter is wrong
Syntax highlighters make value judgments about code. Most highlighters judge that comments are cruft, and try to hide them. Most diff viewers judge that code deletions are bad. 2014-05-11
Want to build a fantastic product using LLMs? I work at Granola where we're building the future IDE for knowledge work. Come and work with us! Read more or get in touch!

This page copyright James Fisher 2017. Content is not associated with my employer. Found an error? Edit this page.

Jim Fisher
CV
Speaking
Blogroll
RSS
TigYog
Kickabout