I am working on a project where we put an API Gateway in front of a Speckle Server and some other things.
I am looking for a way to register users on my Speckle Server from the backend layer, and not from the Speckle frontend. The main reason is because I want to relate Speckle Accounts to my general User Account.
I’ve wrestled with this a little. You may (with appropriate auth scope) make a server invite or stream invite. This is no guarantee of user creation and doesn’t yield a proto-id, say.
There a few spots dotted around the server code that were you running your own, you could join the dots by listening to user_creation that matches those invites.
Consider it “eventual consistency” powered by meat.
I haven’t tried but it may be possible to add a webhook programmatically for the user_create event. (I don’t see any validation on the event types). But, it’s excluded from the web UI so @dimitrie may disapprove of the suggestion.
Are you looking into hiding the Speckle account completely to the user?
Not an OAuth expert here… But usually, the way other apps i’ve seen pulling this off was to allow to link your account, which basically just sends the user through the auth page of the service to get the access_token and refresh_token. You can then store these (hopefully encrypted) in your DB linked to your user. Every time your user needs Speckle from that point onward, you can use the tokens in your DB (either on the backend or the frontend)
Since the /auth methods return a redirect response. You may need to pull this off in the frontend as part of your registration process:
User fills in form in frontend and hits ok
You register your user in the backend
Frontend receives successful registration
You then start the speckle registration using the user details by calling /auth/local/register with email and pwd
Speckle will return a redirect with the `access_token``
Swap that for the real tokens, and store them in your DB
It may be that the web team screams at me after suggesting this though…
That’s tricky unfortunately. I remember @Baris & the team at Ekkodale did something similar, but unsure how they achieved it. If you have direct control over the database - as it seems you do - it might be easiest to insert a record in the speckle db directly from your app for the respective user.
The currently supported way is to register your application on the speckle server as a third party app (or first party, if you control the deployment) and thereafter request the user’s permission for your app do to various things on their behalf (as defined through the scopes that you specifiy when you register your app). Once you have that, you can definitively tie in their account with your internal account!