Skip to content
This repository has been archived by the owner on Feb 10, 2021. It is now read-only.

How to sign up users on their behalf by another user #356

Open
Hawk707 opened this issue Jan 13, 2018 · 1 comment
Open

How to sign up users on their behalf by another user #356

Hawk707 opened this issue Jan 13, 2018 · 1 comment

Comments

@Hawk707
Copy link

Hawk707 commented Jan 13, 2018
edited

I am trying to implement something like this:
-User A signs up using normal flow (email and password, then verify email).
-User A can key in other users emails (and default password), which should follow the same (email password) flow, and send emails to those users. Then those users can verify their emails and change the default password

So far, I am able to do that, but could not include the defualt password. So those users are not able to login.

I want to copy the same flow when I created user A. So I traced the code, and I notice the password persists in LinkedAccount, which uses AuthUser to create user in the method User.create(final AuthUser authUser).
When I traced upward, the method is invoked by MyUsernamePasswordAuthProvider.signupUser(final MyUsernamePasswordAuthUser user)

However, I am not sure how is MyUsernamePasswordAuthProvider.signupUser(final MyUsernamePasswordAuthUser user) being invoked, and how was MyUsernamePasswordAuthUser user parameter obtained.

Any idea?
@Hawk707 Hawk707 changed the title How to add users by another user How to sign up users on their behalf by another user Jan 14, 2018
@Hawk707
Copy link
Author

Hawk707 commented Jan 14, 2018

I tried more, and this is how far I got. The following run by user 'A' to create another user programmtically (I made use of another issue here:

        DynamicForm requestData = formFactory.form().bindFromRequest();
        MyUsernamePasswordAuthProvider.MySignup signup = new 
        MyUsernamePasswordAuthProvider.MySignup();
        signup.setName(requestData.get("name"));
        signup.setEmail(requestData.get("email"));
        signup.setPassword(requestData.get("password"));
        signup.setRepeatPassword(requestData.get("password"));
        MyUserService userService = new MyUserService(auth);
        MyUsernamePasswordAuthUser newUser = new MyUsernamePasswordAuthUser(signup);
        userService.save(newUser);
        final MyUsernamePasswordAuthProvider provider = this.userPaswAuthProvider;
        User myUser = User.findByEmail(requestData.get("email"));
        provider.sendVerifyEmailMailingAfterAddEmployee(myUser);
        return ok("ok");

This seems to work. But I am not sure how reliable and whether it is the right way. My concerns stem from the following:

  1. I have to create both User and MyUsernamePasswordAuthUser. The User is to send verification email, and the MyUsernamePasswordAuthUser is to create user and linkaccount. Somehow I feel this can be used in a better way, but not sure how.
  2. It would be ideal to reuse as much as possible of the existing signup process. That is, call Application.doSignup. But this method relys a lot on Context (which in my case refers to User A data), it seems very difficult to decouple it.

I would appreciate any thoughts/ideas

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Hawk707