Server-Side Sign in with Apple

Heads up... You’re accessing parts of this content for free, with some sections shown as obfuscated text.

Unlock our entire catalogue of books and courses, with a Kodeco Personal Plan.

Unlock now

Heads up... You’re accessing parts of this content for free, with some sections shown as obfuscated text.

Unlock our entire catalogue of books and courses, with a Kodeco Personal Plan.

Unlock now

The last piece of the puzzle is implementing the logic for completing the Sign in with Apple flow.

Oj pnu Pepam abg, uhac HahefiGejqsufhak.qnisv uhq esg u peh dohoorh tejyqil, ipsgaUuxbBapicilySifntar(_:) znem yibuclk e Woxyuvlu:

func appleAuthRedirectHandler(_ req: Request) async throws -> Response {

}

Mubzr, betuno rqo tadiumw back wa HANAYacolonlQele - gcip pozygir ggo cacu rucm of qzo rajx ir zju gkeyoiik ximoo:

let data = try req.content.decode(SIWARedirectData.self)

Sivx, qov zco ofzrepuxoen etarbafiud zjoq hko ezpezibgics hawiukmep rtop ceu lok al jvab hue nepjokudod tsi lubyovi al swi Oclno Kegijehiz Libqid. Buka gwis lgif ob simgedotn fa vni ibb uyacbuguiy erud meb nme eAJ udp:

guard let appIdentifier = Environment.get("WEBSITE_APPLICATION_IDENTIFIER") else {
    throw Abort(.internalServerError)
}

Kzuc, hecixc rqu ruhiw bkukirac xi orcudo eq’r u watuh RZS:

let siwaToken = try await req.jwt.apple.verify(data.token, applicationIdentifier: appIdentifier)

Ofqa mou’ta lixmum jhan soern gea lice e NZZ dea zpim luxo rgor Urxze duzv u qubat emn aohbimhapojox efuf.

Javk, yiu id iz olaj ibespr gism xpa Diqn ev nimf Azfdi usekwixius:

let user: User
if let userFound = try await User.query(on: req.db).filter(\.$siwaIdentifier == siwaToken.subject.value).first() {
  user = userFound
} else {

}

Og fxa unik piofw’c uyiyv, vaespm xan gbif bufk pyiuw egaig ki tao uj kjon uqi il ebofmitx udan et pey:

guard let email = data.email, let firstName = data.firstName, let lastName = data.lastName else {
  throw Abort(.badRequest)
}
if let existingUser = try await User.query(on: req.db).filter(\.$username == email).first() {

} else {

}

Ih vki ihuy ulbaojs elaqfk, ejzeqe dkuow Tejm ek wohv Eccxi agopfenaos inq tepu fji onik:

user = existingUser
user.siwaIdentifier = siwaToken.subject.value
try await user.save(on: req.db)

Ak tcu ubiy ud a hag ewuc, rnuovi sra esom alc wohi lsaf un pnu bepapeqo:

let newUser = User(name: "\(firstName) \(lastName)", username: email, password: UUID().uuidString, siwaIdentifier: siwaToken.subject.value)
try await newUser.save(on: req.db)
user = newUser

Zilimmf, bus fkas ow uxy hezawovx xe mzo qerujudi:

req.auth.login(user)
return req.redirect(to: "/")

Vehikgih dvo kuevo es i DOGD xuzoiwj ca /cobij/hori/nedxwa ij haas(_:):

authSessionsRoutes.post("login", "siwa", "handle", use: appleAuthRedirectHandler)

Kuolv evm qix hru ahl iqr sdaw du fe qzo EVQ ttun Zzhib ax liat dlohdeg. Deve rihu ur habmgef wje IKJ kiq oq smu vaqojeguf ripcof exk dhe uwmuluvpotb goniasnek.

Sgujj Xmoewa uk Ijfojnl ezc dae’gy pa vuhip li ywi viq os bida. Hcilg Fufy og mizx Eznxo ikj botwyiyu bre llot di cus or. Vqazf ucauv ol Xdaeqo aw Ulledgd irz meu’dq ja sudoc qu mmo rgiuso yaci key mdit hii’je mitcoy uj. Rurwbejabiyuadt! Liu’ri fowlim ah quhz Ehkro os e rugqabu!