Users

Guillotina provides OOTB the package to manage and store users/groups.

Installation

Add the guillotina.contrib.dbusers to the list of applications in your config.yaml. Also make sure you are not overriding the auth_user_identifiers configuration value in your config.yaml as guillotina_dbusers uses that to work.

After you restart guillotina, you can also install dbusers into your container using the @addons endpoint:

http

POST /db/container/@addons HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080

{
    "id": "dbusers"
}

curl

curl -i -X POST http://localhost:8080/db/container/@addons -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"id": "dbusers"}' --user root:root

wget

wget -S -O- http://localhost:8080/db/container/@addons --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"id": "dbusers"}' --auth-no-challenge --user=root --password=root

httpie

echo '{
  "id": "dbusers"
}' | http POST http://localhost:8080/db/container/@addons Accept:application/json Content-Type:application/json -a root:root

python-requests

requests.post('http://localhost:8080/db/container/@addons', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'id': 'dbusers'}, auth=('root', 'root'))

response

HTTP/1.1 200 OK
Content-Type: application/json

{
    "available": [
        {
            "id": "dbusers",
            "title": "Guillotina DB Users"
        },
        {
            "id": "application_name",
            "title": "Your application title"
        }
    ],
    "installed": [
        "dbusers",
        "application_name"
    ]
}

Add users

Creating users is just creating a user object.

http

POST /db/container/users HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080

{
    "@type": "User",
    "email": "bob@domain.io",
    "password": "secret",
    "username": "Bob",
    "user_roles": ["guillotina.Member"]
}

curl

curl -i -X POST http://localhost:8080/db/container/users -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"@type": "User", "email": "bob@domain.io", "password": "secret", "user_roles": ["guillotina.Member"], "username": "Bob"}' --user root:root

wget

wget -S -O- http://localhost:8080/db/container/users --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"@type": "User", "email": "bob@domain.io", "password": "secret", "user_roles": ["guillotina.Member"], "username": "Bob"}' --auth-no-challenge --user=root --password=root

httpie

echo '{
  "@type": "User",
  "email": "bob@domain.io",
  "password": "secret",
  "user_roles": [
    "guillotina.Member"
  ],
  "username": "Bob"
}' | http POST http://localhost:8080/db/container/users Accept:application/json Content-Type:application/json -a root:root

python-requests

requests.post('http://localhost:8080/db/container/users', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'@type': 'User', 'email': 'bob@domain.io', 'password': 'secret', 'user_roles': ['guillotina.Member'], 'username': 'Bob'}, auth=('root', 'root'))

response

HTTP/1.1 201 Created
Content-Type: application/json
Location: http://localhost:8080/db/container/users/Bob

{
    "@id": "http://localhost:8080/db/container/users/Bob",
    "@name": "Bob",
    "@type": "User",
    "@uid": "6e6|753|05893a69ee6e4f56b540248b5728c4a4",
    "UID": "6e6|753|05893a69ee6e4f56b540248b5728c4a4"
}

Logging in can be done with the @login endpoint which returns a jwt token.

http

POST /db/container/@login HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080

{
    "password": "secret",
    "username": "Bob"
}

curl

curl -i -X POST http://localhost:8080/db/container/@login -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"password": "secret", "username": "Bob"}' --user root:root

wget

wget -S -O- http://localhost:8080/db/container/@login --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"password": "secret", "username": "Bob"}' --auth-no-challenge --user=root --password=root

httpie

echo '{
  "password": "secret",
  "username": "Bob"
}' | http POST http://localhost:8080/db/container/@login Accept:application/json Content-Type:application/json -a root:root

python-requests

requests.post('http://localhost:8080/db/container/@login', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'password': 'secret', 'username': 'Bob'}, auth=('root', 'root'))

response

HTTP/1.1 200 OK
Content-Type: application/json

{
    "exp": 1532253747,
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I"
}

Then, future requests are done with a Bearer token with the jwt token. For example, to create a conversation with your user:

http

POST /db/container/conversations/ HTTP/1.1
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I
Host: localhost:8080

{
  "@type": "Conversation",
  "title": "New convo with foobar2",
  "users": ["foobar", "foobar2"]
}

curl

curl -i -X POST http://localhost:8080/db/container/conversations/ -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I' --data-raw '{
  "@type": "Conversation",
  "title": "New convo with foobar2",
  "users": ["foobar", "foobar2"]
}'

wget

wget -S -O- http://localhost:8080/db/container/conversations/ --header='Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I' --post-data='{
  "@type": "Conversation",
  "title": "New convo with foobar2",
  "users": ["foobar", "foobar2"]
}'

httpie

echo '{
  "@type": "Conversation",
  "title": "New convo with foobar2",
  "users": ["foobar", "foobar2"]
}' | http POST http://localhost:8080/db/container/conversations/ Authorization:'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I'

python-requests

requests.post('http://localhost:8080/db/container/conversations/', headers={'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I'}, data='{\r\n  "@type": "Conversation",\r\n  "title": "New convo with foobar2",\r\n  "users": ["foobar", "foobar2"]\r\n}')