I've extended the User model in my loopback application, and added phone number as a login method, I use the username field to do this, the only deal is that on login I get the 'email not verified' error, I have my own phoneNumberVerified field, and have overwritten the confirm method to validate the token against the emailVerificationToken and against the phoneNumberVerificationToken and update the corresponding flag, I thought of overwriting the original login method to not allow login only if both emailVerified and phoneNumberVerified fields are false (not just the email) but I don't know how to actually do the login the way loopback does it (I believe it creates an AccessToken or something), and I'm asking for some help on how to do this, thanks XD. I can do the overwriting and validations myself I just need to know how to do the actual login without using the original login method, since I'll be rewriting it.
So I figured out that I actually don't need email or phone number verified validation at all on login (later on the workflow will be required, but that'll be another use case, so it's irrelevant on login to me now XD). So when I was looking on how to overwrite the login method I realized that all the models code it's on the node_modules folder xD
node_modules/loopback/common/models/user.js
And found there in the login method a flag that validates if should check email verified or not, so on my startup script I just put this:
app.models.MyUser.settings.emailVerificationRequired = false;
That stops the email verified validation on login.
And maybe if some of you would like to override the login method I believe copying the whole method from the original user model up there and attaching it to your model and doing some modifications might work xD, it invokes the createAccessToken from the user model (itself) and that's what I believe creates the 'login', what I came to understand is that there is no "session" data, it creates an accesstoken when you successfully login, and as I've been doing just sending the token id to every request 'authenticates' your logged user.
Thanks for reading, have a nice day :)
Related
Trying to retrofit an old webforms application.
Got my configuration working so that it's prompting for login and successfully redirecting back to the application. The folks that manage the IP can see the response is generated.
However in the callback to my application the User is null. I'm told if it's configured correctly it should be populated.
We have a custom IHttpModule and that is where I can see getting hit with the call to /Saml2/Acs with the User not populated. I think this may be expected as the handler for that is supposed to populate the User, I think? However the following call (the returnUrl configured in sustainsys.Saml2) still has no User and I don't see any sort of error or anything.
Anyone with experience have an idea how to debug this?
The call to /Saml2/Acs should be taken care of by the Sustainsys.Saml2.HttpModule. It will process the response and then call the SessionAuthenticationModule to set a cookie that preservers the User across calls.
To get some more information about what's happening in the library, you can assign an implementation of ILoggerAdapter to Sustainsys.Saml2.Configuration.Options.FromConfiguration.SPOPtions.Logger to get some logging output from the library.
My issue turned out to be that I had another authentication module loaded before SessionAuthenticationModule and Saml2AuthenticationModule in the web config.
The comment in the example was
Add these modules below any existing. The SessionAuthenticatioModule
must be loaded before the Saml2AuthenticationModule
However in my case with I had another authentication module involved that needed to go last.
Once again I created my own authentication service. This is registered and is also called. After submitting the login form (EXT:felogin) you get back to the same page - but Felogin continues to show the login form. After a page reload, the logged-in state is recognized correctly and the status display is displayed.
The same form works correctly with a normal, local FE user.
When debugging authUser() correctly returns 200.
What could that be?
Besides returning 200 by authUser(), having a valid FE-User (at least with uid, pid, username, usergroup) is necessary. My FE-User was broken.
TYPO Documentation - Authentication services:
One important thing to know is that the TYPO3 CMS authentication process needs to have users inside database records (“fe_users” or “be_users”).
I am creating a simple Swift app. I have got the login working with Swift app. Now, when a user clicks on forgot-password, I want to send them an email with a code. Once he enters that code, he can enter a new password.
I looked up at Firebase.auth.auth() I saw functions like checkActionCode() and applyActionCode() - I couldnot understand a clear difference between them!
I also saw some other functions like confirmpasswordReset() and verifyPasswordResetCode().
However, I do not understand what function to use and how to send an email with the code. Can someone give me an overview of how can I do this? Thank you!
If the user forgot their password, you can send them a password reset email with:
Auth.auth().sendPasswordReset(withEmail: email) { (error) in
// ...
}
This email contains so-called OOB code and a link to an auto-generated page that allows them to reset their password. I recommend getting started with this approach, since you'll have to do the least work to get it up and running.
If you want to create your own page instead of the auto-generated one, have a look at the documentation on custom email action handlers. That page also contains an example showing how to call the handleResetPassword, handleRecoverEmail, and handleVerifyEmail methods.
I have a very similar issue than this one. I recently added has_secure_password to my User model. Everything is working great, except when I try to create a user from Facebook, which have a :friends attribute. In this case, i have this error when I try to #user.save!
> Validation failed: Friends is invalid
FB user creation was working perfectly before I added has_secure_password, and is still working when I save the users with #user.save(validate: false)
Once the user is already created and present in the database, the #user.save! method is working and the :friends are validated.
I also have a validates :password, length:{minimum:8}, on: :create in my User model, but the friends validation is still triggered even if I remove this line.
I could add a has_facebook? condition in my controller to completely skip any kind of validation when I try to create a user from FB, but I really want to understand why has_secure_password validation is triggered for something seemingly unrelated.
The validation message sounds strange.
But in documentation you see, that has_secure_validation adds a presence validation on password on create. So I think you somehow overwrite that validation message.
To say something more concrete I would need to see more of your code.
So documentation sais:
For further customizability, it is possible to supress the default validations by passing validations: false as an argument.
http://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html
I would assume, you set validations to false and care yourself about them. So you can require password only, when it's not a facebook registration.
I'm absolutely new of Symfony, and I'm trying to implement a registration form that works only with invitation
but that can redirect two different forms for two different roles.
In practice if I send an invitation for an USER_TYPE1 role the client can only register like USER_TYPE1, if I send an invitation for an USER_TYPE2 the client can only register like USER_TYPE2 (and, of course, assigns the corrispondent role).
Is it possible?
thank you in advance for your help
UPDATE:
I want two different form because one user will be allowed to update file, but will also have to set his position and other important settings. The second user will only allow to download the files uploaded by the first kind of user, and his profile needs completely different information.
I do not have enough reputation to ask for details, but one thing that is not clear in your question is: why do you need 2 different forms? In your question, you mention 2 different roles, but why do you need 2 different forms? If you really need 2 different forms, then you should first:
- create a new form type
- create a new view (twig)
Like Boris suggested, I would keep some kind of token for every invitation sent, and associate an email address, and a role to it. Then modify your registration route so you can pass a token in there, like this:
register:
pattern: /signup/{token}
defaults: { _controller: MyBundle:Registration:signup }
In the registration action of your controller, you created the correct form type and display the appropriate twig, depending on the ROLE associated to the token you just got. And when handling a POST, you check the Token again to see if it matches the email address, and assign the proper ROLE when creating the User.
public function signupAction($token) {
// 1. Get the Token entity matching the $token variable
// 2. Create the correct form type
// 3. Display the correct twig for GET, assign correct ROLE to new User for POST
}
But you can't use FOSUserBundle as-is. You will have to overwrite the registration process. You can read the FOSUserBundle documentation about that.
What's certain is that, for every invitation you send, you should keep a token with a matching email address and ROLE (the role you want to give to that person).