Skip to content
This repository has been archived by the owner on May 5, 2023. It is now read-only.

Registration Process

Jump to bottom
The Drone edited this page Apr 1, 2020 · 1 revision

One of the very important processes is the registration process and here's how carnival will handle it's registration process.

NOTE : *carnival uses only OAuth2 to handle it's users. It has no password or login form of it's own.

  1. As soon as the user clicks on the Register using [some-service] button, they must be redirected to auth/auth/register/[some-service] which will redirect them to the appropriate OAuth2 authentication link.

  2. Once authenticated from a OAuth2 identity provider, the user will be redirected to auth/register/[some-service] where their data will be fetched and then their email will be stored in a cookie named email.

  3. Next, they will be redirected again to /final/ where they will be asked for their username. the validity of the username can be checked by making a HTTP GET request to /user/check/<username> which will then return either "true" or "false" (string, not boolean) depending on availability of the username.

  4. If the username is valid, the user's registration can be completed by sending a HTTP POST request to user/final/submit/. the request data body must be as follows: -

    {
    "username": "<user-entered-username>"
}

    and the content-type request header must be set to application/json and no other custom header must be set.

  5. The above request will return one of the five possible results: -

    1. Everything was successful. in this case, the user's entry will be made to the database and the user will be logged in. this will return a status code 201(created) and also a response body as given below: -

      {
    "success": true
}

    2. User was successfully registered but there was an unable to login properly. this will result in a response code 500(internal server error) and the following response body: -

      {
    "success": false,
    "error": "unable to sign the secret."
}

    3. A DB operation was performed but the user was not registered. this will result in a response code 500(internal server error) and the following response body: -

      {
    "success": false,
    "error": "unable to insert into db."
}

    4. There was an error with the db operation itself. This will result in a response code 400 (bad request) and the following response body: -

      {
    "success": false,
    "error": "User already registered."
}

      As this issue is only possible if the

    5. Either the email cookie did not exist or an invalid username was provided. this will result in response code 405(method not allowed) and response body: -

      {
    "success": false,
    "error": "email id or username not specified."
}

This is all there is to the registration process. Carnival is hoping to support 3 identity providers for authentication: -

  • discord
  • github
  • google

Discord OAuth2 has been already successfully implemented, next up is GitHub OAuth2. Google OAuth2 has to wait because Google requires presence of both a valid privacy policy and a valid terms of service page before they allow implementing Google OAuth2.

Clone this wiki locally