User Signup

This example shows how you can implement user signup on the server side using the DID Token.

The example assumes:

  • You have already configured your client-side app with the Magic Client SDK
  • You are already using a PHP Web Framework (Laravel, etc.) Web framework's specific imports are omitted in favor of the simplicity of the example. Only the magic_admin related imports are shown below

You will only need to handle the DID Token. No more password handling โœจ

important

It is important to always validate the DID Token before using.

require_once('vendor/autoload.php');
$did_token = \MagicAdmin\Util\Http::parse_authorization_header_value(
getallheaders()['authorization']
);
if ($did_token == null) {
// DIDT is missing from the original HTTP request header. You can handle this by
// remapping it to your application error.
}
$magic = new \MagicAdmin\Magic('<YOUR_API_SECRET_KEY>');
// Validate the did_token.
try {
$magic->token->validate($did_token);
$issuer = $magic->token->get_issuer($did_token);
$user_meta = $magic->user->get_metadata_by_issuer($issuer);
} catch (\MagicAdmin\Exception\DIDTokenException $e) {
// A malformed DIDT. You can handle this by remapping it to your application
// error.
} catch (\MagicAdmin\Exception\RequestException $e) {
// HTTP error. You can handle this by remapping it to your application
// error.
}
if ($user_meta->data['email'] != $email) {
// Unauthorized sign-up. You can handle this by remapping it to your application
// error.
}
// Call your application logic to save the user.
$logic->user->add($name, $email, $issuer);
// Final step, call your application logic to sign up and/or log in the user.