Using username or email in a data resource (i.e. passing it to REST api)


#1

Hi all,

I want to build a simple app with the free plan that allows a user to log in and see ‘their’ items from our REST api. It’s ok that I have to create the users myself in the appgyver backend.

In practice I have a platform with different shops, and I am thinking of just creating users with as their user full name the shop, and a password I choose and share only with them.

Then in my api resource I would love that it passes ‘logged in user name’, so that my api returns the proper values. The ‘security’ here would be that they can only reach that page of the app after having logged in of course.

Is this possible somehow? I saw the video tutorial on custom queries, so that comes close - you can fetch data with a query parameter that the user ENTERED in a field. Is there also a way to add a query parameter that is automatically set to the logged in username?

(or set it as a header or {id} or whatever)

Curious if this is possible!


#2

Definitely possible! However, you’d really want to do this via Cloud Mesh on the paid plans, as that is the feature that is designed for this, but you can kinda hack your way around via custom JavaScript.

To get the current user, you can run:

supersonic.auth.users.getCurrentUser().then(
  function(user){console.log(user)};
);

To store the data in a variable, you can use:

supersonic.data.storage.property("currentUserName").set(user.name);

Finally, to make this available as a reference, there’s a hoop that you have to jump through where some logic editor action needs to set the variable (with the Set Variable) action for it to become recognizable to use as a reference. You can hack around this by e.g. creating an always-true if action on the page load event (deselect components and click the “Add Logic” button to access the logic editor for the page load event), and then adding the Set Variable action to the false branch (which never fires).

Then, you’d mirror the custom queries video tutorial, but just use the storage variable. Note that you’ll probably need to URI escape the username to use in the query.