Search code examples
thingsboard

How to extend thingsboard user registration to phone number based user registration?

I am trying to implement phone number based user registration for thingsboard users.

Here is what I have tried:

1) Create an email user for the given phone number. For example : PHONE_NUMBER@mydomain.com in thingsboard via REST API call.

2) Create a custom REST api to enable this user & set password (entered by user along with phone number)

Now I am not sure where to call this api in thingsboard rule chain, so that the registered user is activated properly.

I thought it is the "Other" link in Root rule chain but that does not seem a correct place. When I put a "rest api call" node there, nothing happened.

Can someone please guide me to the right direction? Am I following the best possible path to implement phone-based authentication in thingsboard?

Solution

  • The message type you're looking for is a REST_API_REQUEST

    Notice that this message gets generated on every REST API call to the Rule Engine REST Service:

    http://host:port/api/rule-engine/
http://host:port/api/rule-engine/{entityType}/{entityId}

    So you could try including your login phone/password in the body of your custom request along with a new variable like this:

    Request Body:

    {
    username: '5778254@phone.com',
    password: 'adminadmin',
    loginType: 'phoneLogin' //or emailLogin'
}

    Then have a Switch node grab your message to a custom Rule Chain -> Filter only messages that contain the 'loginType' field -> Execute the REST API Call login with the proper transformation of the username.

    Note: If what you want is for example to have User A: email="usera@mail.com" and phone: "123456" be able to log in to TB both with:

     Login: phone + password
Login: email + password

    Then you'd need to keep a separate Database for looking for the email that matches the entered phone number with the email, and then logs in with the email. You'd have to have your custom rest service have a Rule Chain: Log in with a valid account to TB via REST API, receive the JWT_TOKEN-> use the REST API with this JWT_TOKEN to retrieve all the users from the group that you want to give this feature too -> Iterate over the Users until you find one that matches the Phone Number -> return the email from the found user to the Client App -> Have the Client application login with the username. Thus, the user would never know that he's actually logging with the email.

    Hope this helps.

    EDIT: Fixed a mistake. REST_API_REQUEST message will only generate on the REST service for the Rule Engine, not on every REST request.