Impersonate a user

This example shows you how to create a Smart Action "Impersonate" to login as one of your customers.

It can be useful to help your customers debug an issue or to get a better understanding of what they see on their account (in your app).

Requirements

  • An admin backend running on forest-express-sequelize/forest-express-mongoose

How it works

Directory: /models

This directory contains the users.js file where the model is declared.

Sequelize
Mongoose
Sequelize
/models/users.js
module.exports = (sequelize, DataTypes) => {
const { Sequelize } = sequelize;
const Users = sequelize.define('users', {
email: {
type: DataTypes.STRING,
},
createdAt: {
type: DataTypes.DATE,
},
//...
}, {
tableName: 'users',
timestamps: false,
schema: process.env.DATABASE_SCHEMA,
});
Users.associate = (models) => {
};
return Users;
};
Mongoose
/models/users.js
const mongoose = require('mongoose');
const schema = mongoose.Schema({
'email': String,
'createdAt': Date,
...
}, {
timestamps: false,
});
module.exports = mongoose.model('users', schema, 'users');

Directory: /forest

This directory contains the users.js file where the Smart Action Impersonateis declared.

Sequelize
Mongoose
Sequelize
/forest/users.js
const { collection } = require('forest-express-sequelize');
collection('users', {
actions: [{
name: 'Impersonate',
type: 'single'
}],
});
Mongoose
/forest/users.js
const { collection } = require('forest-express-mongoose');
collection('users', {
actions: [{
name: 'Impersonate',
type: 'single'
}],
});

Directory: /routes

This directory contains the users.js file where the implementation of the route is handled. The POST /forest/actions/impersonate API call is triggered when you click on the Smart Action in the Forest UI.

Sequelize
Mongoose
Sequelize
routes/users.js
router.post('/actions/impersonate',
(req, res) => {
let userId = req.body.data.attributes.ids[0];
response.send({
webhook: { // This is the object that will be used to fire http calls.
url: 'https://my-app-url/login', // The url of the company providing the service.
method: 'POST', // The method you would like to use (typically a POST).
headers: { }, // You can add some headers if needed (you can remove it).
body: { // A body to send to the url (only JSON supported).
adminToken: 'your-admin-token',
},
},
success: `Impersonating user ${userId}`, // The success message that will be toasted.
redirectTo: 'https://my-app-url/', // Force the redirection to your app if needed.
});
});
module.exports = router;
Mongoose
/routes/users.js
router.post('/actions/impersonate',
(req, res) => {
let userId = req.body.data.attributes.ids[0];
response.send({
webhook: { // This is the object that will be used to fire http calls.
url: 'https://my-app-url/login', // The url of the company providing the service.
method: 'POST', // The method you would like to use (typically a POST).
headers: { }, // You can add some headers if needed (you can remove it).
body: { // A body to send to the url (only JSON supported).
adminToken: 'your-admin-token',
},
},
success: `Impersonating user ${userId}`, // The success message that will be toasted.
redirectTo: 'https://my-app-url/', // Force the redirection to your app if needed.
});
});
module.exports = router;

This is useful for authentication using cookies. By using this exemple, you're performing the login request directly from the browser. Thus, the cookies will be automatically sent from your own service to the browser (as you'd normally do with your own app).