This example is showing the ability that user can change his/her mail address by verifying the new mail address through a one time code.
Flow
prep
- base is just the idm example under samples/sync-with-csv
- mailHelper.js file to ./script
- emailTemplate-verifyChange.json file to ./conf
- new managed.json in ./conf
- custom rest endpoint mailvalidation ./conf and ./script
- Mail configuration to receive mails ./conf
- access.js in ./script to allow calling custom rest endpoint
Detail description of the flow
User changes mail address
User logs in dashboard http://localhost:8080/#/profile and changes mail address This will trigger the onUpdate script of user managed object
onUpdate script:
require('onUpdateUser').preserveLastSync(object, oldObject, request);require('mailHelper').checkChange(context, 'mail', object, oldObject);
checkChange is called in mailHelper.js (.script/) This creates:
"verificationData": {
"mail": {
"code": 72594,
"value": "bjensen@test4.com"
}
}
NOTE that the new email is now in verificationData.mail.value and old mail is still in user.mail
Mail is send out to new users mail with URL to click for mail change verificationData
mail send out part of the code:
var emailConfig = openidm.read("config/external.email"),
Handlebars = require('lib/handlebars'),
emailTemplate = openidm.read("config/emailTemplate/verifyChange");
// revert the change to the attribute, pending verification
object[attribute] = oldObject[attribute];
// copied from onCreateUser.emailUser()
var email,
template,
locale = emailTemplate.defaultLocale;
email = {
"from": emailTemplate.from || emailConfig.from,
"to": object.verificationData[attribute].value,
"subject": emailTemplate.subject[locale],
"type": "text/html"
};
template = Handlebars.compile(emailTemplate.message[locale]);
email.body = template({
"object": object,
"verification": object.verificationData[attribute]
});
// do NOT wait for completion, so that this call will succeed even if email fails to send
openidm.action("external/email", "send", email, { waitForCompletion: false });
{{host}}:{{port}}/openidm/endpoint/mailvalidation?code=72594&userid=bjensen
User checks mail and clicks to URL for verification
endpoint/mailvalidation
The call reads user object (as in userid=bjensen) and checks code value users object is updated with mail=newMailAddress
Final mail is send out to user.
Thanks to
Jake for initial scripts (especialliy to call the mail template!!!)
Copyright
Copyright 2014-2017 ForgeRock AS. All Rights Reserved
Use of this code requires a commercial software license with ForgeRock AS. or with one of its affiliates. All use shall be exclusively subject to such license between the licensee and ForgeRock AS.
One-Way Sync With CSV Sample
This sample demonstrates reconciliation between a CSV file and the managed/user repository. For documentation relating to this sample, see https://backstage.forgerock.com/docs/idm/6.5/samples-guide#chap-sync-with-csv
Related articles