XF 2.1 External API Call During Registration

dawnveil

Member
My goal is when a user registers on the forum, changes their email, changes their password, or resets their password, I send a post request to an api I have hosted elsewhere with the user's data (user, pw, email). It seems like I just need to extend the proper classes (XFCP_Registration, XFCP_PasswordChange, XFCP_PasswordReset, XFCP_EmailChange) and send the post request with the data in the functions (setFromInput, setPassword, resetLostPassword, changeEmail). Would this be correct or am I simplifying this too much and is actually more work required?

The goal is to store the data on an external database as well as the xf database.
 
If anything you could probably simplify it further. I imagine you could get away with just extending the User and UserAuth entities instead, and you'd likely be better off that way as you wouldn't need to be concerned with where the updates are coming from (or any potential changes there over time).
 
Make a note of the password in setPassword, then send the API request in the _postSave() methods.

Though I would always recommend against retransmitting a user password... be sure you're hashing it sufficiently at the other end.
 
Last edited:
The hashes are stored as an array with the relevant class and the data. You'd need to re-implement the XF hashing algorithm on the other end. You're looking for the scheme_data field I believe.
 
Make a note of the password in setPassword, then send the API request in the _postSave() methods.

Though I would always recommend against retransmitting a user password... be sure you're hashing it sufficiently at the other end.

Could you elaborate on this a bit?
setPassword is in UserAuth and _postSave() is in User, so how would I get the password from 1 class to the other? I also didn't get any hits on _postSave when I tested changing my password but I did get a hit on setPassword.
 
It is defined in the base entity (\XF\Mvc\Entity\Entity) as an empty method by default. Only entities that need to hook post-save for special behaviors will extend it. For compatibility with other add-ons which may extend the same method, you should still call the parent even if the concrete class you're extending doesn't define its own _postSave() method.
 
Okay so hooking setPassword and _postSave() inside UserAuth gets me the new password, current username, and current email. Since you mentioned to hook _postSave() inside User for new users, how would I get their password? Also what about an email change? I wasn't sure where that was set.

I was using this code inside UserAuth to get the current data on a password change.
Code:
class UserAuth extends XFCP_UserAuth {

    protected $username = "";
    protected $newPassword = "";
    protected $email = "";

    public function setPassword($password, $authClass = null, $updatePasswordDate = true) {
        $res = parent::setPassword($password, $authClass = null, $updatePasswordDate = true);

        if ($res) {
            $this->username = $this->User->getExistingValue('username');
            $this->newPassword = $password;
            $this->email = $this->User->getExistingValue('email');
        }
        return $res;
    }

    public function _postSave() {
        parent::_postSave();

            // talk to api
    }
}
 
Last edited:
Top Bottom