# This feature is only available for projects with a professional subscription. PRO Project Users (UMS)

The Project Users or User Management System is the central hub of all user-related aspects of an application. It manages and controls users like signing up and sign-in, managing passwords, user groups, etc.

UMS allows you to organize the sign-in process for your application without any development. To grant specific access to resources, you need to use policies where Project Users is the subject.

# Sign-up a User

UMS uses an email and password as user credentials. You can pass extra fields as second argument to the ums.signUp() method. All extra fields will be stored as schemaless (unless you have created appropriated field at the UMS page of our management application https://app.jexia.com) therefore you are able to save as many fields as you need.

Below you can find an example of how to sign-up a new user.

  • JavaScript
  • Python
  • cURL
import { jexiaClient, UMSModule } from "jexia-sdk-js";  

const ums = new UMSModule();   
jexiaClient().init({    
  projectID: "PROJECT_ID"
}, ums); 
// For SDK > v5.0.0 
ums.signUp({    
    email: "user@company.com",    
    password: "my_password",
    age: 25, 
    address: { 
      city: "Apeldoorn",
      country: "NL"
    }
  }).subscribe(
    user => {..do something with registered user}, 
    error=>{..handle error}
  );  
//before < JS SDK v5.0.0.
ums.signUp({    
    email: "user@company.com",    
    password: "my_password"},
    {
      age: 25, 
      address: { 
        city: "Apeldoorn",
        country: "NL"
      }
    }).subscribe(
      user => {..do something with registered user}, 
      error=>{..handle error}
    );  

After execution, you will receive a JSON object similar to the following:

{  
 "id": "005c8679-3fad-46fd-a93f-9484ea8ff738",
 "email": "user@company.com", 
 "active": true,
 "age": 25,
 "address": { 
      "city": "Apeldoorn",
      "country": "NL"
 }, 
 "created_at": "2017-12-31T23:59:59.123456Z", 
 "updated_at": "2017-12-31T23:59:59.123456Z"
}

# Sign-in a User

There are two methods for signing in:

# Sign-in with e-mail and password

In order to sign-in a user with regular credentials, user account should already exist in your project (that means you have to sign-up they first).

  • JavaScript
  • Python
  • cURL
import { jexiaClient, UMSModule } from "jexia-sdk-js";

const ums = new UMSModule();
jexiaClient().init({
  projectID: "PROJECT_ID",
}, ums);

ums.signIn({
  email: 'Elon@tesla.com',
  password: 'secret-password',
  default: true,
  alias: 'Elon Musk',
}).subscribe(user => {
  // run request with current user token
}, error => {
  console.log(error)
});

Additional optional options:

  • default - if true, this user account will be used for all further data operations by default.
  • alias - account alias, you can use it to clarify which account is going to be used to perform data operation.

TIP

Within Jexia's SDKs there is a possibility to sign-in with many users and run requests with different users. For this, you need to use an alias. If you did not specify under which user to run a query, the SDK will use user with the value default: true.

# Sign-in with OAuth

Because the way OAuth 2.0 Protocol works, using it means there is an additional step which you authorize the application at the provider's page. To enable OAuth for your users, you need to go to "Project Users" in your project management and setup the required settings in "OAuth Providers" tab.

After that, in your application you'll need to initialize the authorization process:

  • JavaScript
const oauthOptions = {
  /*
   * possible values: 'sign-up' or 'sign-in'
   */
  action: 'sign-up',
  /*
   * The name of the provider, the list will be available in the management of your project
   */
  provider: 'facebook',
  /*
   * The URL which the oauth provider should redirect to.
   * This is optional and when not provided, the url you setup in your project will be used.
   */
  redirect: 'https://mydomain.com/oauth/init',
};

/*
 * When running in the browser, it will automatically redirect to the provider's page.
 */
ums.initOAuth(oauthOptions).subscribe();

/*
 * When running in NodeJS, it will resolve to the URL which user should navigate to in order to start authentication.
 * You can also pass `false` to the second argument so you can redirect some other time.
 */
ums.initOAuth(oauthOptions, false).subscribe(url => {
  // you can also redirect by yourself
  window.location.assign(url);
});

After the user is redirected to the provider's page, they should authorize and be redirected back to the redirect URL you passed. This request will contain two query parameters, code and state, you should get them and pass to sign in:

  • JavaScript
// Let's say the full redirected URL was: https://mydomain.com/oauth/init?code=some-random-code&state=sign-up
ums.signIn({
  code: 'some-random-code',
  state: 'sign-up',
  default: true, // optional
  alias: 'Elon Musk', // optional
}).subscribe(user => {
  // run request with current user token
}, error => {
  console.log(error)
});

# Fetch a User

To fetch a user you can look at the following methods:

  • JavaScript
  • Python
  • cURL
// via alias
ums.getUser('Elon Musk').subscribe();
// via email
ums.getUser('elon@tesla.com').subscribe();

# Delete a User

To be able to delete a user, you need to provide a password. This is needed for security reasons. You can do user management via CRUD operations. This method is mainly for the current user to delete themselves.

WARNING

This will be deprecated in future versions.

  • JavaScript
  • Python
  • cURL
ums.deleteUser('Elon@tesla.com', password)
.subscribe(user => {}, error=>{});    

# Change Password

There are two ways to change the password for a user by using their old password or by using automation.

# Using Their Password

  • JavaScript
  • Python
  • cURL
ums
.changePassword('Elon@tesla.com', oldPassword, newPassword)
.subscribe(user => {}, error=>{});   

# Using the Automation Module

You need to set up automation which will catch the UMS: password reset request event. Then, when you initiate a reset password, the user will get an email with a pre-made template message (see Automation). Inside you should create a link to a page with a new password entry form. From this page you can make a call resetPassword with a token from URL, thjs will allow Jexia to handle the request and apply changes to the new user to enable a new password.

  • JavaScript
  • Python
  • cURL
// To request email with new token: 
ums
.requestResetPassword('Elon@tesla.com')
.subscribe(user => {}, error=>{});   

// To apply newpassword
ums
.resetPassword(Token, newPassword)
.subscribe(user => {}, error=>{});   

# Users CRUD

It is also possible to use CRUD methods.

They have the same syntax and return values as corresponding data operation methods. For this you need to create a policy with the following values:

  • Subject: All Users
  • Resource: All Users
  • JavaScript
  • Python
  • cURL
// Select all active users  
ums.select()  
 .where(field => field("active").isEqualTo(true))  
 .subscribe(user => {}, error=>{});   
// Suspend Elon! 
ums.update({ active: false })  
 .where(field => field("email").isEqualTo("Elon@tesla.com"))  
 .subscribe(user => {}, error=>{});    
// Delete all suspended users  
ums.delete()  
 .where(field => field("active").isEqualTo(false))  
 .subscribe(user => {}, error=>{});