MyVideoGameList/myvideogamelist.com

Fork 0

Create Fider account when new user signs up #360

New issue

Closed

opened 2026-06-03 23:59:03 -05:00 by Codex · 2 comments

Codex commented

2026-06-03 23:59:03 -05:00

Member

Fider API reference: https://docs.fider.io/api/users#create-user

Scope

Add a backend integration for creating a Fider user during successful website registration.
Configure the Fider API base URL and credentials using environment-backed Laravel config.
Send the newly registered user identity fields that Fider requires, using the Create User API.
Decide and document the failure behavior for Fider provisioning, such as whether registration continues with logging or fails visibly.
Keep the implementation compatible with the existing account-disable work tracked in #46.

Acceptance Criteria

A successful MyVideoGameList registration attempts to create the corresponding Fider account exactly once.
The integration uses configurable Fider API settings and does not hard-code secrets or production URLs in application code.
Fider request failures are handled intentionally and leave enough log context to troubleshoot without exposing secrets.
Duplicate or already-existing Fider users are handled safely so a retry or repeated registration attempt does not create inconsistent local state.
The registration response and authentication behavior remain unchanged unless Fider provisioning is explicitly chosen to block account creation.

Test Coverage Required

Feature coverage for the registration flow proving the Fider create-user request is sent after a valid signup.
Coverage for Fider API failure behavior based on the chosen policy.
Regression coverage showing invalid registration submissions do not call Fider.

Progress Checklist

Add Fider API configuration.
Implement the create-user integration behind a focused service/client.
Hook Fider provisioning into the Fortify user creation flow.
Add registration tests for success, failure, and invalid-input cases.
Verify compatibility with the account disable/delete follow-up in #46.

New MyVideoGameList registrations should also provision a matching Fider user so feedback access is ready as soon as the account exists. The current registration path is handled through `App\Actions\Fortify\CreateNewUser`, so this work should add the Fider provisioning step without weakening the existing validation, throttling, or login flow. Fider API reference: https://docs.fider.io/api/users#create-user ## Scope - Add a backend integration for creating a Fider user during successful website registration. - Configure the Fider API base URL and credentials using environment-backed Laravel config. - Send the newly registered user identity fields that Fider requires, using the Create User API. - Decide and document the failure behavior for Fider provisioning, such as whether registration continues with logging or fails visibly. - Keep the implementation compatible with the existing account-disable work tracked in #46. ## Acceptance Criteria - A successful MyVideoGameList registration attempts to create the corresponding Fider account exactly once. - The integration uses configurable Fider API settings and does not hard-code secrets or production URLs in application code. - Fider request failures are handled intentionally and leave enough log context to troubleshoot without exposing secrets. - Duplicate or already-existing Fider users are handled safely so a retry or repeated registration attempt does not create inconsistent local state. - The registration response and authentication behavior remain unchanged unless Fider provisioning is explicitly chosen to block account creation. ## Test Coverage Required - Feature coverage for the registration flow proving the Fider create-user request is sent after a valid signup. - Coverage for Fider API failure behavior based on the chosen policy. - Regression coverage showing invalid registration submissions do not call Fider. ## Progress Checklist - [x] Add Fider API configuration. - [x] Implement the create-user integration behind a focused service/client. - [x] Hook Fider provisioning into the Fortify user creation flow. - [x] Add registration tests for success, failure, and invalid-input cases. - [x] Verify compatibility with the account disable/delete follow-up in #46.

jimmyb added this to the Laravel 13 + TailwindCSS project

2026-06-04 00:00:05 -05:00

jimmyb added the

component: backend

component: user profiles

labels

2026-06-04 00:00:42 -05:00

jimmyb added

and removed

labels

2026-06-04 08:50:48 -05:00

Codex added the

source: codex

label

2026-06-04 11:08:18 -05:00

jimmyb commented

2026-06-04 15:57:47 -05:00

Owner

The code we currently use to do this is in app/Http/Controllers/Auth/RegisteredUserController.php on the production site (https://myvideogamelist.com). The code is:

/* Add account into Fider (https://features.myvideogamelist.com). */
$json = '{"name": "' . $request->username . '", "email": "' . $request->email . '"}';

$curl = curl_init();

curl_setopt_array($curl, array(
    CURLOPT_URL => "https://features.myvideogamelist.com/api/v1/users",
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_ENCODING => "",
    CURLOPT_MAXREDIRS => 10,
    CURLOPT_TIMEOUT => 0,
    CURLOPT_FOLLOWLOCATION => true,
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_CUSTOMREQUEST => "POST",
    CURLOPT_POSTFIELDS => $json,
    CURLOPT_HTTPHEADER => array(
        "Content-Type: application/json",
        "Authorization: Bearer $FIDER_API_TOKEN"
    ),
));

curl_exec($curl);

curl_close($curl);

The code we currently use to do this is in `app/Http/Controllers/Auth/RegisteredUserController.php` on the production site (https://myvideogamelist.com). The code is: ```php /* Add account into Fider (https://features.myvideogamelist.com). */ $json = '{"name": "' . $request->username . '", "email": "' . $request->email . '"}'; $curl = curl_init(); curl_setopt_array($curl, array( CURLOPT_URL => "https://features.myvideogamelist.com/api/v1/users", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 0, CURLOPT_FOLLOWLOCATION => true, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => $json, CURLOPT_HTTPHEADER => array( "Content-Type: application/json", "Authorization: Bearer $FIDER_API_TOKEN" ), )); curl_exec($curl); curl_close($curl); ```

jimmyb self-assigned this

2026-06-04 16:04:33 -05:00

Codex commented

2026-06-04 16:31:27 -05:00

Author

Member

Implemented in 23b5ed7 on dev.

Notes:

New registrations now call a focused ProvisionFiderUser action after the local user transaction succeeds.
Fider configuration is environment-backed with FIDER_URL and FIDER_API_KEY; no production URL or secret is hard-coded in application code.
The create-user request sends name, normalized email, and local user id as reference, which matches Fider's duplicate-safe email/reference behavior.
Fider API failures are intentionally non-blocking for registration and are logged with user/status context without logging secrets.
The related #46 compatibility path is covered too: Fider status sync now handles account deletion and admin bans.

Verification:

vendor/bin/pint --dirty --format agent
php artisan test --compact tests/Feature/Auth/RegistrationTest.php
php artisan test --compact tests/Feature/Auth/RegistrationTest.php tests/Feature/FiderUserStatusSyncTest.php -> 21 passed, 110 assertions

Implemented in `23b5ed7` on `dev`. Notes: - New registrations now call a focused `ProvisionFiderUser` action after the local user transaction succeeds. - Fider configuration is environment-backed with `FIDER_URL` and `FIDER_API_KEY`; no production URL or secret is hard-coded in application code. - The create-user request sends `name`, normalized `email`, and local user id as `reference`, which matches Fider's duplicate-safe email/reference behavior. - Fider API failures are intentionally non-blocking for registration and are logged with user/status context without logging secrets. - The related #46 compatibility path is covered too: Fider status sync now handles account deletion and admin bans. Verification: - `vendor/bin/pint --dirty --format agent` - `php artisan test --compact tests/Feature/Auth/RegistrationTest.php` - `php artisan test --compact tests/Feature/Auth/RegistrationTest.php tests/Feature/FiderUserStatusSyncTest.php` -> 21 passed, 110 assertions

Codex

2026-06-04 16:31:34 -05:00