I am using strapi V4. I want to customize forgot password API. When the user hits API then strapi is sending the email to the user's email address with a unique code. Instead of that code, I want only 4 digit unique number. How can I do this please help me.
Related
I have a requirement in my app to sign up with Twitter, so for a first time user, the server stores (among other things) email, password, first name and last name.
But the only things I can get from the Twitter/social framework is the profile id, username, first name and last name. Is there any alternative for getting the email address, or will I have to change the signup mode in my server's app?
Unfortunately it seems that we cant get email address from twitter, so I had to change my signup mode by validation through the twitter login and users profile id. If anybody else has found a workaround please do post your solution. I'll mark that as best answer.
In my app I want to show the Google+ profile picture for a user.
The only function, I found, in the API to get the profile picture needs a userId.
However, I only have their email adress and not their Google+ userID.
Moreover the person, whose image I want to get, should not be forced to log in and authorize my app, as this person is mostly not identical to the user of the app.
So I think I need to get their userId by email. I read through the Google+ API documentation but can't find a way to do this, but I can't believe that this is not possible.
So my question is:
How can I get the Google+ userID with only an email address?
Is there maybe an other Google API to get a profile picture?
There is an API provided by https://www.avatarapi.com/ which returns the user's name and profile pic from an email address based on Google's public info.
It can be called via SOAP or HTTP at this API endpoint:
https://www.avatarapi.com/avatar.asmx
One of the benefits of this API is that it does not require the user to be authenticated with Google via OAUTH, so this could be exactly what you are looking for.
You can't do this using just their email address, however, if they paste their Google+ url, you could parse the id from the URL string and then get their profile image (and cover image!) using the public data API. The url: https://plus.google.com/me will bring you to their profile.
I highly doubt this is possible. Any kind of querying against the Google Plus API requires OAUTH. What's more, I'm not aware of way to query for a user ID by email address in the first place.
This thread would seem to confirm that this is currently not possible.
You can use the people.search API to search by email address and without requesting the user to authenticate. However, that will only search the public profile fields, which email is not a public field by default.
The only API methods that require OAuth are those that access private data. For public data, you can use the more simple API key method.
To reliably achieve what you are describing, you'll want to use Oauth and the plus.me scope to get the information that you want. This does require authorizing your app however.
Based on a url like
https://plus.google.com/123456789012345678901 # dummy number
How I can find the gmail username?
If you are developing an app or script, you can use Oauth 2.0 and request the userinfo.email scope.
For details, see https://stackoverflow.com/a/7836385/1354939
This does require that you configure a Google APIs Console project and create a OAuth 2.0 client ID.
You can't. For privacy reasons, having someone in a circle or knowing their Google Plus id should not be enough to get an email address.
It should not be possible to find an arbitrary user's email address solely from the id contained in such a Google+ URL.
Let's imagine that we have ecommerce website that suggests 3 way for user registration:
regular email
via facebook
via twitter
Now let's imagine that we have user signed via facebook/twitter account and we need send him notification about his order (order complete or s/t like that). How can we do this? It is absolutely clear for regular email users - we should just email them notification, but what about Facebook/Twitter users?
Thank you!
With Facebook when they authenticate with your application, you can request email permissions to be able to access the email address they have nominated to use with their facebook account. At the point of registeration you could then store this address in your database and all order flow could follow the existing email path.
You could probably re-use this methodology for twitter too.
I can understand the need to differentiate on registration processes however I think you want to streamline post order notification as much as possible for consistency across users.
I've integrated social logins (Facebook, Twitter, etc.) with a Rails app using Devise and OAuth. The requests and callbacks all work great and users are able to authenticate the app and login efficiently.
My problem is this:
With Devise, my site has the user's email address as the username. So, whenever a user logs in through a social site for the first time, a 'connection' record is stored for their account to show which social sites they've logged in with. If they don't already have an account on my site, one is created with the email address from the callback array. The connection is then stored along with the returned tokens and secrets for later use (FB posts, tweets, etc.).
Unfortunately, Twitter doesn't provide the email address. To circumvent this, I'm asking first-time users that login with Twitter to simply provide an email address so an account can be created. However, I can't figure out what to do if they already have an account on my site. I can't check if they already do since I'm not given an email address to match up. This could ultimately cause a user to have multiple accounts.
So, I'm a bit at a loss, and if anyone has any suggestions, it would be extremely helpful.
Thanks! :)
You'll need to store some oauth provider info like {provider, twitter identifier} too to your database and then check twitter oauths based on that instead of the email ID.
The simplest thing to do would be to add a slightly different flow for if the login was via twitter. Ask a first time Twitter login user for the email ID. In your users table, add a column called tw_id and add the users twitter identifier. Next time, if the login is via Twitter, you check the tw_id instead of the provider email and proceed with the normal app flow.