You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@isis.apache.org by Jo...@filternet.nl on 2015/05/07 12:33:31 UTC

user signup through bespoke REST client

Hi,



For our matching app [1] we are creating a bespoke REST (web)client and use ISIS as a backend. Can anybody give me an approach that we could use for user signup using the user-registration-service and the email-notification? It seems to me that there are no default facilities in the REST Api at the moment or am I overlooking them?



gtz Johan



[1] https://github.com/johandoornenbal/matching

Re: user signup through bespoke REST client

Posted by Dan Haywood <da...@haywood-associates.co.uk>.

On 7 May 2015 at 11:33, <Jo...@filternet.nl> wrote:

> Hi,
>
>
>
> For our matching app [1] we are creating a bespoke REST (web)client and
> use ISIS as a backend. Can anybody give me an approach that we could use
> for user signup using the user-registration-service and the
> email-notification? It seems to me that there are no default facilities in
> the REST Api at the moment or am I overlooking them?
>
>
You're correct, there are no default facilities in the REST API.

However, I think the building blocks are there.  Not exactly trivial, but
do-able.

Start off by subclassing RestfulObjectsApplication, eg
"CustomRestfulObjectsApplication", and register this in web.xml as the
context.param = javax.ws.rs.Application instead of RestfulObjectsApplication

Then, define some new Restful resources, cf
DomainServiceResourceServerside, and register these in your subclass of
DomainObjectResource and register in your CustomRestfulObjectsApplication.

So far this is just standard javax.rs stuff.

Next, we need to ensure that a client can hit your new resource *with* the
Isis runtime in place, but without there being an Isis session.  For
that....

In the web.xml there's a filter IsisSessionFilterForRestfulObjects that
applies an authenticationSessionStrategy for every resource under
/restful/.  Since you want to make the new resource, eg /restful/register,
available without a session, then I think you'll need a custom
authenticationSession strategy too that allows access to this resource
without requiring logon.

In the /restful/register resource, then, this will be hit without there
being an Isis session.  But you should be able to do a lookup of the
UserRegistrationService in order to allow the user to be created.  The
Wicket viewer does something similar in the RegisterPanel class:

            IsisContext.doInSession(new Runnable() {
                @Override
                public void run() {
                    final UserRegistrationService userRegistrationService =
IsisContext.getPersistenceSession().getServicesInjector().lookupService(UserRegistrationService.class);

IsisContext.getTransactionManager().executeWithinTransaction(new
TransactionalClosureAbstract() {
                        @Override
                        public void execute() {

userRegistrationService.registerUser(userDetails);
                            removeAccountConfirmation();
                        }
                    });
                }
            });

Hope that gives you some clues...

Cheers
Dan

>
>
> gtz Johan
>
>
>
> [1] https://github.com/johandoornenbal/matching
>
>
>
>
>
>