Sanitation Handler on /register endpoint

[chattago2002]

Hi.

I'm trying to use the sanitation.handler on /register endpoint. It's not working... seems... or I'm not using it in the correct way.

This is my code:

'sanitation.handler' => function ($operation, $tableName, $column, $value) {
   $file = fopen("log.txt","a");
   fwrite($file, "$operation\n$tableName\n$column\n$value\n\n");
   fclose($file);
   if(($tableName == 'users') && $column['name'] == 'pwd')
      return $value . "xxx";
   return(password_hash($value,PASSWORD_DEFAULT));
},

I'd like to add a "salt" string to the user password (in some specific cases, this is a simplified example). I added the functionality to "log" the function variables but when /register is called log.txt doesn't change.

Is the sanitation.handler called on /register endpoint (so I have some mistakes) or it's not called?

[apps-caraga]

Based on the @mevdschee response in #955 , sanitation handlers are not available in dbAuth middleware, hence it is not called.

Anyway, I don't quite understand the purpose of adding "salt" to a password and at the same time, using the standard password_hash function which, based on its documentation, "will create a random salt if one isn't provided" password_hash docs. Basically, the output of password_hash already includes salt data

[chattago2002]

The reason is that I'd like to add a custom salt to who logs in via Google Login. I can make a step back and explain the master problem: I need to add Google Login in my React app (which is connected to API made with this tool) but using the default middelwares the user needs to login using username and password. When usign Google Login there is no password. How can I do?

[mevdschee]

I need to add Google Login in my React app. How can I do?

I would use auth0 to enable social login.

see also: https://github.com/mevdschee/php-crud-api/blob/main/examples/clients/auth0/vanilla.html