Creating users through communities.edgeryders.eu

owen · February 16, 2024, 11:44am

Slightly urgent issue here with regards to creating new users. Now the https://communities.edgeryders.eu/multisite_account.json endpoint has been removed, can we create and activate new users through the API? I see the functionality no longer works on tell.edgeryders.eu and we are needing this very shortly for the treasure project.

If the method is through the /users endpoint I will still need an Api-Key and Api-Username with the appropriate privileges to create the user - which I do not have — well as a method to activate the account for the user in order to post using their account.

cc @Ivan @bojanbobic

matthias · February 19, 2024, 1:02am

I just discussed the issue with Daniel and we found a suitable solution that Daniel will try to implement and deploy tomorrow (should work, but no guarantees until it is actually deployed and confirmed by Daniel here).

In effect, there will be a new API endpoint on the edgeryders.eu site, taking over the role of the former https://communities.edgeryders.eu/multisite_account.json endpoint and having more or less the same interface. The difference will be that it only creates accounts on the edgeryders.eu site itself, since the whole multisite system has been abandoned now.

owen · February 19, 2024, 4:49pm

Thanks Matt!

daniel · February 19, 2024, 5:52pm

@owen is the /multisite_account_api_key.json endpoint still in use / required?

owen · February 19, 2024, 6:33pm

@Daniel No, only the /multisite_account.json endpoint is being used.

daniel · February 19, 2024, 6:34pm

Ok great, I’ll finish testing and upload the fixed plugin in the next minutes…

owen · February 19, 2024, 6:35pm

Great, thank you! There should be no CORS restrictions, so the endpoint could be called from treasure.edgeryders.eu - correct?

daniel · February 19, 2024, 7:15pm

Correct.
New plugin version is now deployed. I was was able to create a testuser on the edgeryders.eu site. The interface of the /multisite_account.json stayed the same as well as the auth_key that must be part of the payload.
Please let me know if it works for you.

owen · February 20, 2024, 11:51am

Thanks @daniel

I’ve had a go at implementing this and the user creation works, which is great, but I am now having an issue using the returned user api key to make a post.

This shouldn’t be an issue normally as the /posts endpoint works fine for existing users posting comments on treasure.edgeryders.eu, so I dug into it a bit and found that the new users being created had not accepted the consent funnel questions on the platform - ie I had to manually accept them by logging into the platform - then posting was possible.

Here is the function that creates a user:

const createUser = (form) =>
  fetch(
    `${discourseUserUrl}?${Object.entries({
      accepted_gtc: true,
      accepted_privacy_policy: true,
      edgeryders_research_consent: true,
      requested_api_keys: [discourseDomain],
      auth_key: discourseAuthKey,
      email: form.email,
      username: generateUsername(form.name),
      password: generatePassword(16)
    })
      .map((pair) => pair.map(encodeURIComponent).join('='))
      .join('&')}`
  ).then(handleResponse(errorMessages), handleNetworkError(errorMessages))

both accepted_privacy_policy and edgeryders_research_consent are set to true as you can see, so I’m wondering if the new endpoint isn’t ignoring these booleans when creating an account?

Much thanks for your help.

daniel · February 20, 2024, 1:08pm

Turns out edgeryders_research_consent is evaluated to be true but not persisted. Now working to fix it. I’ll let you know as soon as it’s done.

daniel · February 20, 2024, 2:23pm

Fix is now deployed. Also tested to create a user on edgeryders.eu with the API and edgeryders_research_consent is now properly persisted in the database.

owen · March 1, 2024, 3:47pm

Thank you for your help @Daniel, everything is working now.

As we are using this for onboarding new members through the next month, we need a confirmation email to be sent when a new account is created through the API. It appears this isn’t the case - an account can be created and used to post - but unless the person notes down their username / password, there is no record of their account being made. Could we implement this in the API call?

cc @Ivan @bojanbobic

daniel · March 5, 2024, 3:03pm

Yes, I’ll implement it in the next days and post here when done.

daniel · March 6, 2024, 4:28pm

This is now deployed @owen. An email is sent to the user upon account creation with the following content:

  Welcome to Edgeryders,

  a new account was created for you at https://edgeryders.eu

  Login Information:
  - Username: %{username}
  - Email: %{email}

  Please use either your username or email, along with your password, to log in to your account.

Please let me know if this is sufficient.

owen · March 6, 2024, 9:41pm

Thank you Daniel, perfect!

owen · March 7, 2024, 10:06am

Hello @Daniel - sorry, I tested and it looks like there is now an error when accounts are created:

Error: invalid json response body at https://edgeryders.eu/multisite_account.json?accepted_gtc=true&accepted_privacy_policy=true&edgeryders_research_consent=true&requested_api_keys=https%3A%2F%2Fedgeryders.eu&auth_key=************&email=sogeb140192%40mcuma.com&username=owen1234555639&password=94Artz4C9s3uyelE
HaRm reason: Unexpected token c in JSON at position 1

I haven’t updated the site on my end, so perhaps this comes from the new changes?

daniel · March 8, 2024, 9:55am

Hello @Owen, sorry about that. I tested account creation in production in the browser and it worked - but I missed that the JSON response was actually a 422 error. This is now fixed.