{ DreamFactory: 'Blog' }

Wordpress integration with the DreamFactory REST API platform for user management

Posted by Jessica Rose

Thu, Jan 21, 2016

Noggle CEO Lars von Thienen has been indulging in a little island hopping lately. There aren’t many palm trees on these islands, but getting between them is a lot faster and safer now.

The new Noggle service allows controlled and privileged access across a broad information archipelago. It’s a peer-to-peer document network that’s fully indexed and searchable from a single, unified access point.

It’s a clever solution to distributed content that allows users to maintain their own islands of content, without having to store them in shared repositories. They simply tell Noggle where the docs are on their computer and they are exposed to their peer network; fully indexed, searchable, and sharable.

An early challenge for Noggle was how to control shared file access in a secure and extensible way. DreamFactory ended up being the perfect solution. It gave von Thienen a granular system of user creation and role control that’s secure and scalable.

DreamFactory also served as a perfect bolt-on service to their existing Wordpress/Woocommerce portal. Von Thienen crafted a series of functions for integrating DreamFactory into Wordpress and has generously shared them with us.

This code assumes the existence of an existing DreamFactory instance along with a valid user with sufficient priveleges to access the user/system API.

General usage

  1. Get a valid token with GetDreamfactoryToken()
  2. Prepare the POST/GET body with parameters
  3. Call CallDFAPI() with parameters
  4. Define the correct Wordpress hooks and execution points

Get a valid Dreamfactory token

Here is a low level PHP function to get a current token for user management, via a Dreamfactory instance at YOURHOST. It returns a valid token for further processing or error.

function GetDreamfactoryToken()
{
$method = 'POST';
$url = 'https://[YOURHOST.COM]/api/v2/user/session';

$params = array(
'email' => '[YOUREMAIL@HOST.COM]’,
'password' => [USERPW]'
);

// JSON REQUEST FORMAT
$headers = array(
'Accept: application/json',
'Content-Type: application/json'
);

$curl = curl_init();

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($params));

curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_SSLVERSION, 4);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($curl);

$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);

curl_close($curl);

if ($code == 200) {
$response = json_decode($response, true);
$token= $response["session_token"];
return $token;
} else {
//return $curl_error;
return 'error';
}
}

Call the DreamFactory API

This function is a general helper to call Dreamfactory REST APIs. It returns a decoded JSON string or error code and needs a valid session token and DreamFactory API key.

function CallDFAPI($method, $url, $token, $params, $postbody=NULL)
{
$headers = array(
'X-DreamFactory-Session-Token:'.$token,
'X-DreamFactory-Api-Key: [YOUR_DREAMFACTORY_API_KEY]',
'Accept: application/json',
'Content-Type: application/json'
);

$curl = curl_init();

switch($method) {
case 'GET':
$url .= '?' . http_build_query($params);
break;
case 'POST':
curl_setopt($curl, CURLOPT_POST, true);
if ($postbody != NULL)
curl_setopt($curl, CURLOPT_POSTFIELDS, $postbody);
else
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($params));
break;
case 'PUT':
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($params));
break;
case 'PATCH':
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'PATCH');
if ($postbody != NULL)
curl_setopt($curl, CURLOPT_POSTFIELDS, $postbody);
else
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($params));
break;
case 'DELETE':
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'DELETE');
$url .= '?' . http_build_query($params);
break;
}

curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_SSLVERSION, 4);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

$response = curl_exec($curl);

$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);

curl_close($curl);

if ($code == 200) {
$response = json_decode($response, true);
return $response;
} else {
//return $response;
return 'error';
}
}

Check if a user is already registered

//Get a session token to perform database actions for users
$token= GetDreamfactoryToken();

$usertocheck=$email; // $email= the email address to check against

$method = 'GET';
$url = 'https://[YOURHOST.COM]/api/v2/system/user';
$params = array(
'filter' => 'email="'.$usertocheck.'"',
'related' => 'user_to_app_to_role_by_user_id'
);

$response=CallDFAPI($method, $url, $token, $params);

if ($response!=‘error')
{
// process response Array
$regemail= $response["resource"][0]["email"];
if ($regemail == $usertocheck)
{
//Yes, user is already in dreamfactory host, now do something…
}
}

Register/Invite a new user via Dreamfactory

//Get a session token to perform database actions for users
$token= GetDreamfactoryToken();

//[SET USER PARAMETER]
$username= …
$email= …
$phone= …
$roleid= …

$method = 'POST';
$url = 'https://[YOUHOST.COM]/api/v2/system/user?send_invite=true';

//Set the correct POST data
$postbody='{ "resource": [ { "name": "'.$username.'", "email": "'.$email.'", "phone": "'.$invitedby.'", "is_active": true, "user_to_app_to_role_by_user_id": [ { "app_id": [YOURAPPID], "role_id": '.$roleid.' } ] } ] }';

$response=CallDFAPI($method, $url, $token, NULL, $postbody);

if ($response!='error')
{
// Success, user has been invited via DF host
//do something…
}

With these tools in place, von Thienen now has an effective solution for user management. But, the integration lets Wordpress and Woocommerce handle the front-end presentation layer and transaction.

Pretty impressive, and much better than that guy who tried to build the first wireless telegraph system for some islands back in 1899.

 

Get started with DreamFactory with a free hosted DreamFactory development environment. Or, download and run it on the server, cloud, or desktop of your choice.

Weekly Digest