[Solved]Create User at Run Time Through API or Program


(pawan kumar) #1

Since we will have the user information(Role,name and other information) in our HTTP request object once they will hit the neos/login page

Is there any way to create the user at run time through the program or API in Neos.
As user try to log in, first check if the given credentials is already there in neos, not to be created but if given credentials is new then it should create the user.

Please suggest.


(Soren Malling) #2

So no matter what submitted values (username + password) it will create a new user? That sounds a bit dangerous :slight_smile:

But if you wan’t to, you have to replace the AuthenticationProvider and implement that “create on the fly” (which is possible)


(pawan kumar) #3

Big thanks for reply.

Would you please give an idea how we can create on fly as you said it is possible.

The Thing is there is third party authentication provider(SSO
) so user credentials is already checked through their backend and once successfully it redirect to our neos application.

So we would be getting the user information from request object with the role ,on the fly we need to create those user if user comes at very first.(We don’t want to show the neos/login page again to login)

Would you please guide.


(Soren Malling) #4

I guess you have your own Authentication Provider at the moment, if you already authenticate the information?

If yes, then you create the account inside the authenticate method for ex with the AccountFactory


(pawan kumar) #5

Thanks for reply.

I am afraid ,could not get it.

Would you please bit explain ,how it could be done " If yes, then you create the account inside the authenticate method for ex with the AccountFactory".


(Soren Malling) #6

Did you create your own Authentication Provider to authenticate users somewhere else than the Neos user table ?

If yes, that should contain a authenticate() method (defined in the AuthenticationProviderInterface. Have a look at PersistedUsernamePasswordProvider for an example) Inside that authenticate() method is where you want to create and persist your Neos User model.

Look at this Instagram authentication implementation


(pawan kumar) #7

Thanks for the update.

Did you create your own Authentication Provider to authenticate users somewhere else than the Neos user table ?” Yes we have third-party authentication provider where user are stored in their LDAP directory(User info like role, name…)

So if the user comes at very first, on fly user has to be created in Neos (after successfully get authenticated through authentication provider.)
Note: “At the very first time, In future since the user is already created, no need to create again and again.”

So I got a bit idea as you have mentioned above but how we would be able to call these above methods.
(how Could directly do and take the user Noes page(don’t want to show Neos login page)


(Soren Malling) #8

What did you try so far? The Instagram authentication provider linked to does exactly the creation of a account on the fly


(Soren Malling) #9

Did you work around this issue or found a different solution?


(pawan kumar) #10

Hi.
Still i need to do that configuration.
I am afraid ,how to do that.


(Soren Malling) #11

Can you paste your authenticationprovider here? That will help alot :slight_smile:


(Soren Malling) #13

That’s not your authentication provider in Flow/Neos but some other configuration it seems.

You need to look at creating your AuthenticationProvider (did you read the Documentation security and authentication yet? https://flowframework.readthedocs.io/en/stable/TheDefinitiveGuide/PartIII/Security.html#authentication) maybe by extending the one used for Neos and then set that in your Configuration.

And in that, you create a user, like in the Instagram Provider I shown above.


(pawan kumar) #14

Thanks for Reply.

yes,I have have gone through the document and knew that user account could be created on fly as mentioned in Instagram Provider.

But as per my understanding, the custom authentication provider will be called once we submit the user credentials from neos/login page.(Can we directly login without neos/login page)

And I want something to avoid neos/login page and on fly user get created and logged IN.


(pawan kumar) #16

Any solution for that?@sorenmalling.


(pawan kumar) #17

It got solved now.

Had to write the code in same PersistedUsernamePasswordProvider where i check first if user is not there ,create the user first and logged into neos
please find below code for same where i have few information in cookies (like first name and last name)

    if($account === null){
        $firstName = '';
        $lastName = '';
        $array= $this->securityContext->getRequest()->getHttpRequest()->getCookieParams();
        foreach ($array as $key => $value) {
            if($key === "fname"){
                $firstName= $value;
            }else if($key === "lname"){
                $lastName= $value;
            }
        }
        $accountIdentifier = $credentials['username'];
        $password = $credentials['password'];
        $user = new User();
        $user->setName(new PersonName('', $firstName, '', $lastName));
        $user->getPreferences()->set('context.workspace', 'user-' . $accountIdentifier);
        $this->partyRepository->add($user);

        $account = $this->accountFactory->createAccountWithPassword($accountIdentifier, $password, array('Neos.Neos:Administrator'), 'Neos.Neos:Backend');
        $this->partyService->assignAccountToParty($account, $user);
        $account->setExpirationDate(new \DateTime('+1 week'));
        $this->accountRepository->add($account);

    }