Hello, I would like to check if a user email or user name has already been registered.
It looks like /system/user has the information I need, but when my app needs to check DF system for a specific user name I won’t have a session_token., so my idea probably won’t work.
Is there an easy way to see if a user name has been taken?
P.S. is there a list of API calls which do not require a session token? Is /user/register and /user/session the only APIs that don’t require a session token?
When using the API Docs and you would test this functionality (POST /user/register) you will find out that it will throw and error when creating a user with a username that is already taken.
{
"error": {
"context": {
"email": [
"The email has already been taken."
]
},
"message": "Validation failed",
"code": 400,
If you want to create something that before you hit the submit button to check if the username it taken, you probably need to query GET /user/profile to check if that user already exists.
You can setup access to these APIs under roles. You could create a default guest user and use that token to access this information. In the API Docs you can see which need a valid session token (Implementation Notes).
GET on /user/profile only returns information about a user that is already logged in as far as I know. From what I found only /system/user can check every user in the system.
To be more clear, I actually want to make sure the field “first_name” is unique to every user. I’m using that field as a user ID which is displayed to all users of my app. It’s less confusing if people can’t take the same user ID. If this check is missing my app might show 10 different people posting under the same name, but only a DF admin who can see their email would know it’s a different person.
1: Create another table with userdetails that is not part of the User part of the database. For example a list of all usernames / first names taken. Obviously for every user register you need to create a new record
2: Create a custom thing under users. I’m not sure where this data is stored, but it’s stored somewhere (believe it’s directly related to the user because you will have add the userID
Here is how I would address this:
Create another app (api key) that is not shared publicly.
Create a role with GET access via SCRIPT on system/user and system/user/*
Create an event script on user.register.post.pre_process
In your script you can user the event.request object to grab the POST data (in this case you want the first name)
Then you can use platform.api to check for the existence of the first name in an existing user:
Your request url would be user/session?api_key=theapikeywecreatedfirst&filter=first_name%3D’the name from the post data’
Then in your script if the user/session query returns no results that’s fine. If it does, you stop processing and return an error to the client.
I have a similar problem and your proposed solution won’t work.
I need to validate a facebook token before the user can log in. I’ve written a custom script service that handles this in php, but i’ve got no session token to provide so I can’t access the service and I can’t make a certain service public.
I can’t use the facebook oauth you provide because well it’s a mobile app that uses native fb login integration. Still the token must be checked with a http request on the server side.
Can someone explain why this script doesn’t work in user.register.post.pre_process?
var lodash = require("lodash.min.js");
if (event.request.payload.resource) { // use 'payload' for request
lodash._.each(event.request.payload.resource, function( record ) {
if (record.first_name === '') {
throw 'Name field is required';
}
});
}
If I register a user with first_name = “” it succeeds.
If anyone sees this. The reason the script doesn’t work is because user.register.post.pre_process does not have a ‘resource’ object. You would need to look at the payload directly.
I put a working example in python here as soon as my pull request is approved: