Passwordless Login API¶
Description¶
A user can be logged in without a password using the API documented below.
This functionality can be used only in CloudCode (Java, JS or Codeless), the reason for this restriction is that a malicious use of this API can easily compromise application's security. As a result, this API must be used from a controlled environment.
Method¶
Non-Blocking API
public void Backendless.UserService.login( String objectId, AsyncCallback<BackendlessUser> responder, boolean stayLoggedIn )
Blocking API
public BackendlessUser Backendless.UserService.login( String objectId, boolean stayLoggedIn )
where:
Argument | Description |
---|---|
objectId |
Unique identifier of the user account which is used for login operation. String value. |
stayLoggedIn |
Optional parameter. A boolean value requesting user login information to be saved so it can be reused when the application restarts (or page is reloaded). |
Return Value¶
The BackendlessUser
object containing user data.
{
"objectId" : value,
"user-token": value,
"prop-name1":value,
"prop-name2":value,
"prop-name3":value,
...
}
The "objectId"
property is a unique identifier assigned by Backendless to the user account. The "user-token"
value identifies the user session initiated by the Login operation.
Example¶
The example below logs in as the user account associated with the following objectId
: "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD"
.
Non-Blocking API
String objectId = "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD";
Backendless.UserService.login( objectId, new AsyncCallback<BackendlessUser>()
{
@Override
public void handleResponse( BackendlessUser backendlessUser )
{
// result handling logic
}
@Override
public void handleFault( BackendlessFault backendlessFault )
{
// error handling logic
}
}, true );
Blocking API
String objectId = "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD";
BackendlessUser user = Backendless.UserService.login( objectId, true );
CloudCode Codeless Reference¶
where:
Argument | Description |
---|---|
object id |
Unique identifier of the user account which is used for login operation. |
return user |
Optional parameter. When this option is checked, the operation returns the BackendlessUser object containing user data. |
Important
This Codeless block is only available in CloudCode due to the security reasons. If this operation is exposed to users, then your application can be compromised.
This operation allows developers to log in to a specific user account without credentials such as identity or password. The operation only requires a unique identifier of a user (object id).
Consider the following record in the Users
data table:
The example below logs in as "alice@yourmail.com"
associated with the objectId: "4D584E4D-05A3-4AC4-90C7-B80D1584E7AD"
.
The BackendlessUser
object will look as shown below after the Codeless logic runs: