User Signup

This example shows how you can implement user signup on the server side using the DID Token.

The example assumes:

You have already configured your client-side app with the Magic Client SDK

You will only need to handle the DID Token. No more password handling ✨

important

It is important to always validate the DID Token before using.

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Magic;

class UserController extends Controller
{
    function signup(Request $request){
        
        $did_token = $request->bearerToken();

        if ($did_token == null) {
            // DIDT is missing from the original HTTP request header.
            // You can handle this by remapping it to your application error.
        }

        try {
            // Validate the did token
            Magic::token()->validate($did_token);
            $issuer = Magic::token()->get_issuer($did_token);
            $user_meta = Magic::user()->get_metadata_by_issuer($issuer);
        } catch (Throwable $e) {
            // DIDT is malformed.
            // You can handle this by remapping it to your application error.
            report($e);
            return false;
        }

        if ($user_meta->data['email'] != $email) {
            // Unauthorized sign-up.
            // You can handle this by remapping it to your application error.
        }

        // Call your application logic to save the user.
        $logic->user->add($name, $email, $issuer);

        // Final step, call your application logic to sign up and/or log in the user.

    }
}