Register user without registration form

[ghost]

Hello,

I have question. We are running ots server and we would like to know if it's possible to register user (to use ots API) without working smtp or sendgrid settings? We would like to have control on users os we will create manually if needed.

Since server is publicly available we don't want non-company users to be able to register.

Also I want to know where is user info saved?

Thanks

[delano]

Question 1

We are running ots server and we would like to know if it's possible to register user (to use ots API) without working smtp or sendgrid settings?

You can create a user manually from the REPL and skip the verification email

 $ cd path/2/onetimesecret
 $ irb -I lib -r onetime -r securerandom
 irb(main)> 

Then you can create a user the same way the webapp does in OT::App.create_account:

   irb(main)> # Replicate the local vars
   irb(main)> custid = 'example@example.com'
   irb(main)> plan = OT::Plan.plan(:individual_v1)
   irb(main)> passphrase = 'CHANGEME'  
   irb(main)> # OR, generate one for them
   irb(main)> passphrase = SecureRandom.alphanumeric(32)

   irb(main)> # Create a Customer record and save it to the database
   irb(main)> cust = OT::Customer.create custid

   irb(main)> # Update the customer record
   irb(main)> cust.update_passphrase passphrase
   irb(main)> sess.update_fields :custid => cust.custid, :authenticated => false
   irb(main)> cust.update_fields :planid => plan.planid, :verified => true

   irb(main)> # Create a secret pair for the new passphrase
   irb(main)> metadata, secret = Onetime::Secret.spawn_pair(cust.custid)
   irb(main)> secret.encrypt_value passphrase
   irb(main)> secret.save

   irb(main)> # `metadata` is an instance of OT::Metadata, which is for you
   irb(main)> # `secret` is an instance of OT::Secret, which is for the new user

   irb(main)> # From your /etc/config file
   irb(main)> baseuri = Onetime.conf[:site][:host]

   irb(main)> metadata_uri = 'https://%s/private/%s' % [baseuri, metadata.identifier]
   irb(main)> secret_uri = 'https://%s/secret/%s' % [baseuri, metadata.identifier]

   irb(main)> puts metadata_uri  # => https://example.com/private/abcd...
   irb(main)> puts secret_uri      # => https://example.com/secret/1234...

Take a look at OT::Logic::CreateAccount.process does for more details.

2. You could also write a short script that uses the API

That would avoid interacting directly with the code. With a script you can get the manual work down to something like:

 $ otsuser --verbose example@example.com [planid]
 Customer a1b2c3e4 created on the individual_v1 plan

 For you: https://example.com/private/abcd...
 For the new user: https://example.com/secret/1234...

 $ otsuser example@example.com [planid]
 https://example.com/secret/1234...

Question 2

Also I want to know where is user info saved?

Every model that's stored in redis is subclassed from Familia. One of the arguments it supports is :db => N where N is a number between 1 and 9 (in terms of the ones this codebase uses). This determines which redis database the object is saved into. Customers are stored in db 6 for example. Metadata is 7, Secrets are 8.

You can do a find for :db => to see all the databases that are used. In redis, you can get the list of customers:

 $ redis-cli
 redis 127.0.0.1:6379> select 6
 redis 127.0.0.1:6379> keys "customer:*:object"
customer:example@example.com:object

Additional context

• See my Disable Create Account Option #170 (comment) on a similar issue for suggestions on how to modify the plans and a workaround to completely prevent signups.
• View the default list of plans
• OT::Logic::CreateAccount