I've searched "everywherE" and there's so little if any information about this subject, so thought I'd ask the pros and everyone like me can benefit.
Anyways, I'm building an application which needs users to be registered to create documents and make various actions through the application.
Now the user registration shouldn't be anything new and unseen, I need the proper or the best way or whatever way you handle user registration.
When the user enters data and presses Sign up, they should receive and automatic email containing a link to confirm their Signing up and than when they login in the application they'll have the rights assigned to the user group for example called "Basic users".
Also, the forgot password option?
How do you make a basic user registration handling?
This OpenNTF project has also a user self registration: http://www.openntf.org/internal/home.nsf/project.xsp?action=openDocument&name=LotusPeople
My blog post on registering users from Facebook might be of some use... http://mattwhite.me/blog/2010/10/20/how-to-get-sso-for-facebook-working-with-xpages.html
Matt
I have also taken the OpenNtf project for self register (from younotes) and changed it a bit. It works great.
Related
Running into a bit of an odd issue. I assume it may be a setting somewhere?
Using the API integration for embedded forms. We have two brands, so I've made two users with the same roles. Their job is to be the sender for any embedded form for their respective brand. Their roles are both set as sender from the user settings tab.
support#brand.com
support#other-brand.com
Each user is in 2 groups, developers and their respective brand. Simply being part of developers will allow them to be assigned as the sender of any API templates. It's worth noting, these two users are identical to one another in setup, only difference being support email.
Using user 1, there are no issues, and everything works as intended. Using user 2 however, I get the error "consent required" when trying to get a JWT token?
I've gone through all and any settings I could find, but nothing seems to do what I need. Both users belong to the organization, so I'm simple confused.
Any help and direction is much appreciated.
The answer was I needed to claim the #brand URL the 2nd user was under, which had not been claimed via the application admin interface.
Consent is per user, you would need the second user to log in and navigate to the URL For consent.
If you are using the developer/sandbox/demo environment (not production) the URL you would want to set looks like this:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=<your IK>&redirect_uri=<some URL you defined for the IK>
Remember to define the redirect_uri in the Apps and Keys page in the settings page where you created the Integraiton Key and you should be good.
In the application, we are using auth0 to login to the application. we have two type of users, admin and agent. Need to update the agent's email associated with auth0 login by admin. How can we do that? there is a way a user can change his/her own email but here another person can change the email for someone. Need a help here
Go through: https://auth0.com/docs/api/management/v2/#!/Users/patch_users_by_id
but it is for user can change his/her own email
Take a look at this video:
https://www.youtube.com/watch?v=RMza7El7IwE&feature=youtu.be
There is no out of the box solution, but the platform allows you to achieve the desired result via the management api. Let us know if you have questions. You can always visit the Auth0 Community if you want more eyes on the topic.
Let me start by saying I really like Deployd. I want to use it in production, but I want to incorporate OAuth and social logins, so I installed the dpd-passport module. It works great, except for two little (big) problems:
When a user signs in via an OAuth provider (e.g. Facebook, Twitter, Github) a new user record is created...but if the same user clears their cookies or uses a different browser to log in, a new user record is created.
If I do something clever (read: hacky) and assign users with social logins an ID based on the socialAccount and socialAccountId (something unique but constant for each social account), someone could use the standard method of user creation to spoof a user by making a POST request to the /users endpoint if they knew that user's socialAccount and socialAccountId.
My question is: How can I A) prevent #1 from occurring, or B) disable the standard method of user creation without also preventing OAuth user creation?
Has anyone ever successfully used Deployd and dpd-passport in production? If so, I want to speak with you...
Thanks in advance!
First of all, I think you haven't added the custom fields per the docs.
https://www.npmjs.com/package/dpd-passport#requirements
I hadn't either, and observed the new user feature (because it couldn't lookup the response from the auth service to find the user from before). Adding these fields fixed it.
Also, there is a google group here:
https://groups.google.com/forum/#!forum/deployd-users
Hope that helps.
I want to set up 3 things for my user authentication system running on Passport / Neo4J:
1) Manual user account activation (so that admin does it);
2) Invite-only account creation;
3) E-mail confirmation of account before activation;
I was wondering if you knew of any easy-to-use Passport plugins for it (I haven't found any myself, but also want your recommendations) and also – what would be the best way to implement it (maybe you've already done / seen it, so you could share the code?)
Thank you!
Disclosure: I have never worked with Neo4j, so I am unaware of the specifics but I would accomplish this in the following way:
You can write up some simple queries that insert a users information(ex. username, password, email etc.) to your database upon registration. Then, send the user an email using something like nodemailer in which it states that he has been registered and is awaiting confirmation.
Among the user information that you have stored you should have a column where you store the account status(verified or not verified). You can then write up a small webpage for retrieving all the accounts from your database where verified=false, and confirm the ones that you want by setting verified to true, after which the user would receive an email the user telling him that he can now use your service.
As for invite-only registration, I would have a special table with "registration codes" that would be generated and inserted into that table when a user invites someone. The one who was invited would then receive a link with the code, and upon clicking it the server would check if the code exists in the database, and if it does would allow the user to create an account.
I realize that this is a broad answer, but there are many ways to accomplish what you're looking for!
Someone was having a go at it with Drawbridge, but the build is failing...https://www.npmjs.org/package/drawbridge
I'm Looking for the same thing.
I would like to have the user registration be a little more secure by adding security questions. I could create a new contentpart and attach it to user contentitem. But before I do that I would like to know if its not already there.
You can use the extended registration module and add the security questions there - I am using this module to capture other user information and it works great. However my workflow is such that an admin creates users....so this might be different from your workflow where the user will be entering their own registration info.