nicumicle / simple-jwt-login

This plugin allows you to log in, register, authenticate, delete and change the user password to a WordPress website using a JWT.
http://wordpress.org/plugins/simple-jwt-login/
GNU General Public License v3.0

feature: Endpoint user Info #76

Open pablfr opened 1 year ago

pablfr commented 1 year ago

Is your feature request related to a problem?

Yes: I get "User already exists." errors. The only way to correct this for me is to make manual changes in the base.

Describe the solution you'd like

Create endpoint that can get the UserID by email or vice versa.

Additional context (optional)

After that it can also help for updates of name, surname, mail, .....

dani3l3 commented 1 year ago

Hi, a user's perspective, since I have been using this jewel in production for over a year and I am extremely satisfied with it and grateful to the author.

I have been scratching my head with this for a while, too.... but the way I had initially implemented my single sign on was: 1) try to create the user - succeed or wait for the exception 2) either way, log him in.

This has been running fine with no error whatsoever for over a year.

Recently I changed it a little bit, and I recently created my own custom API in WP (with a custom auth scheme that fits in our larger platform so I can call it easily from the other system's APIs - I cannot share it in this form but it's very basic code to expose a WordPress user by email) so that I can call it and check if the user exists BEFORE attempting to create it. I was hoping it would be faster than raising the exception and dealing with it. I was partially right, it's a little faster... but, to be honest, the perf gain hasn't been as substantial as I was hoping, particularly if there are many users in WP to search thru. It still might be a useful API - and at this point I am using it.... but for the sake of simplicity, the plugin is still very good and useful without it.

If I can chime in and I had to request a wish - and yes, THAT would probably bring more perf improvement - would be to have a combined way to "create&login" (where, internally, it would do the 'exists already' check, much faster than from the remote system, before logging in... potentially it could even look up/update some additional fields if they have changed since creation, yes...).

dani3l3 commented 1 year ago

A basic example of a WordPress API to look up users by username/email is here https://github.com/dest81/wp-api-get-user-by-username but it's quite old (2015) and I had to adapt it to my needs and to some newer stuff that has changed since, but it's really basic stuff, i.e. you register a route:

    function custom_register_routes() {
        register_rest_route( 'custom/v1', '/users/email/(?P<email>.+)', array(
          'methods' => 'GET',
          'callback' => array($this,'custom_get_user_by_email'),
          'permission_callback' => '__return_true', // CAREFUL THIS MAKES IT POSSIBLE TO DO ANONYMOUS CALLS/ENUMERATION TO ANYONE; THE REAL AUTH MECHANISM IS SUPPOSED TO BE IMPLEMENTED BELOW
        ) );

      }

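and you need to hook up your route

    // Run inside the class that defines these methods (e.g. in its constructor),
    // because the route callback above is registered as array($this, ...)
    add_action( 'rest_api_init', array( $this, 'custom_register_routes' ) );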

and then in the function you do something like (example below adapted from my production code but completely with bogus authentication, only to give the idea of the WP plumbing part)

    public function custom_get_user_by_email($request) {
        $email = (string) $request['email'];
        $user = get_user_by( 'email', $email );

        // customAuthCheckPasses() stands in for the real (unshared) auth check
        if (customAuthCheckPasses()) {
            if ( empty( $user->ID ) ) {
                return new WP_Error( 'invalid_user', 'There are no users with that email', array('status' => 404) );
            }

            $response = new WP_REST_Response($user);
            $response->set_status(200);

            return $response;
        }
        else
        {
            return new WP_Error( 'invalid_auth', 'You are not authorized', array('status' => 403) );
        }
    }
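
A hardened variant of the lookup route sketched in the comment above, as an added example that is not the commenter's or the plugin's code: the authorization decision moves into `permission_callback`, the email is validated before the callback runs, and only two fields are returned instead of the whole `WP_User` object, whose public `data` property includes the `user_pass` hash. The `/user-by-email` path, the `email` query parameter and the `list_users` capability check are assumptions chosen here; the `custom/v1` namespace and the error code and message come from the comment.

```php
<?php
// Added example. Assumed names: the /user-by-email path, the 'email' query
// parameter and the 'list_users' capability check are choices made here.

add_action( 'rest_api_init', function () {
    register_rest_route( 'custom/v1', '/user-by-email', array(
        'methods'             => 'GET',
        'callback'            => 'custom_get_user_by_email',
        // Runs before the callback: anonymous callers and users who may not
        // list accounts are rejected by the REST server itself, so the
        // endpoint cannot be used to enumerate accounts without credentials.
        'permission_callback' => function () {
            return current_user_can( 'list_users' );
        },
        'args'                => array(
            'email' => array(
                'required'          => true,
                'type'              => 'string',
                // Wrapped in a closure so that only the value is passed to
                // is_email(); the REST server also passes the request and key.
                'validate_callback' => function ( $value ) {
                    return is_string( $value ) && false !== is_email( $value );
                },
                'sanitize_callback' => 'sanitize_email',
            ),
        ),
    ) );
} );

function custom_get_user_by_email( WP_REST_Request $request ) {
    $user = get_user_by( 'email', $request->get_param( 'email' ) );

    if ( ! $user ) {
        return new WP_Error( 'invalid_user', 'There are no users with that email', array( 'status' => 404 ) );
    }

    // Explicit allow-list of fields instead of serializing the WP_User object.
    return rest_ensure_response( array(
        'id'    => $user->ID,
        'email' => $user->user_email,
    ) );
}
```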

pablfr commented 1 year ago

Thanks for your feedback, I like your logic I will see how I can implement it.