Users¶
Guillotina provides OOTB the package to manage and store users/groups.
Installation¶
Add the guillotina.contrib.dbusers
to the list of applications in your config.yaml
.
Also make sure you are not overriding the auth_user_identifiers
configuration
value in your config.yaml
as guillotina_dbusers
uses that to work.
After you restart guillotina, you can also install dbusers
into your container using the @addons
endpoint:
POST /db/container/@addons HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080
{
"id": "dbusers"
}
curl -i -X POST http://localhost:8080/db/container/@addons -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"id": "dbusers"}' --user root:root
wget -S -O- http://localhost:8080/db/container/@addons --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"id": "dbusers"}' --auth-no-challenge --user=root --password=root
echo '{
"id": "dbusers"
}' | http POST http://localhost:8080/db/container/@addons Accept:application/json Content-Type:application/json -a root:root
requests.post('http://localhost:8080/db/container/@addons', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'id': 'dbusers'}, auth=('root', 'root'))
HTTP/1.1 200 OK
Content-Type: application/json
{
"available": [
{
"id": "dbusers",
"title": "Guillotina DB Users"
},
{
"id": "application_name",
"title": "Your application title"
}
],
"installed": [
"dbusers",
"application_name"
]
}
Add users¶
Creating users is just creating a user object.
POST /db/container/users HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080
{
"@type": "User",
"email": "bob@domain.io",
"password": "secret",
"username": "bob",
"user_roles": ["guillotina.Member"]
}
curl -i -X POST http://localhost:8080/db/container/users -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"@type": "User", "email": "bob@domain.io", "password": "secret", "user_roles": ["guillotina.Member"], "username": "bob"}' --user root:root
wget -S -O- http://localhost:8080/db/container/users --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"@type": "User", "email": "bob@domain.io", "password": "secret", "user_roles": ["guillotina.Member"], "username": "bob"}' --auth-no-challenge --user=root --password=root
echo '{
"@type": "User",
"email": "bob@domain.io",
"password": "secret",
"user_roles": [
"guillotina.Member"
],
"username": "bob"
}' | http POST http://localhost:8080/db/container/users Accept:application/json Content-Type:application/json -a root:root
requests.post('http://localhost:8080/db/container/users', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'@type': 'User', 'email': 'bob@domain.io', 'password': 'secret', 'user_roles': ['guillotina.Member'], 'username': 'bob'}, auth=('root', 'root'))
HTTP/1.1 201 Created
Content-Type: application/json
Location: http://localhost:8080/db/container/users/bob
{
"@id": "http://localhost:8080/db/container/users/bob",
"@name": "bob",
"@type": "User",
"@uid": "6e6|753|05893a69ee6e4f56b540248b5728c4a4",
"UID": "6e6|753|05893a69ee6e4f56b540248b5728c4a4"
}
Logging in can be done with the @login
endpoint which returns a jwt token.
POST /db/container/@login HTTP/1.1
Accept: application/json
Authorization: Basic cm9vdDpyb290
Content-Type: application/json
Host: localhost:8080
{
"password": "secret",
"username": "bob"
}
curl -i -X POST http://localhost:8080/db/container/@login -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"password": "secret", "username": "bob"}' --user root:root
wget -S -O- http://localhost:8080/db/container/@login --header='Accept: application/json' --header='Content-Type: application/json' --post-data='{"password": "secret", "username": "bob"}' --auth-no-challenge --user=root --password=root
echo '{
"password": "secret",
"username": "bob"
}' | http POST http://localhost:8080/db/container/@login Accept:application/json Content-Type:application/json -a root:root
requests.post('http://localhost:8080/db/container/@login', headers={'Accept': 'application/json', 'Content-Type': 'application/json'}, json={'password': 'secret', 'username': 'bob'}, auth=('root', 'root'))
HTTP/1.1 200 OK
Content-Type: application/json
{
"exp": 1532253747,
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I"
}
Then, future requests are done with a Bearer
token with the jwt token. For
example, to create a conversation with your user:
POST /db/container/conversations/ HTTP/1.1
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I
Host: localhost:8080
{
"@type": "Conversation",
"title": "New convo with foobar2",
"users": ["foobar", "foobar2"]
}
curl -i -X POST http://localhost:8080/db/container/conversations/ -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I' --data-raw '{
"@type": "Conversation",
"title": "New convo with foobar2",
"users": ["foobar", "foobar2"]
}'
wget -S -O- http://localhost:8080/db/container/conversations/ --header='Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I' --post-data='{
"@type": "Conversation",
"title": "New convo with foobar2",
"users": ["foobar", "foobar2"]
}'
echo '{
"@type": "Conversation",
"title": "New convo with foobar2",
"users": ["foobar", "foobar2"]
}' | http POST http://localhost:8080/db/container/conversations/ Authorization:'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I'
requests.post('http://localhost:8080/db/container/conversations/', headers={'Authorization': 'Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1MzIyNTM3NDcsImlkIjoiQm9iIn0.1-JbNe1xNoHJgPEmJ05oULi4I9OMGBsviWFHnFPvm-I'}, data='{\r\n "@type": "Conversation",\r\n "title": "New convo with foobar2",\r\n "users": ["foobar", "foobar2"]\r\n}')