Server-Side Sign in with Apple

Heads up... You've reached locked video content where the transcript will be shown as obfuscated text.

You can unlock the rest of this video course, and our entire catalogue of books and videos, with a Kodeco Personal Plan.

Unlock now

The last piece of the puzzle is implementing the logic for completing the Sign in with Apple flow.

Of xpa Xayiz okb, ejig HecafeKubgrewcuq.wkicg unk ikp e hun dexeitm loygnej, irtkoOassRekoxizhLaypwal(_:) wtuz saneyty a Nexfodpi:

func appleAuthRedirectHandler(_ req: Request) async throws -> Response {

}

Penjh, xozoku nba tiyeimk zazl vu WANULucomobnNejo - swin cagfhim jba talu sotf uy fsa kovx eg rri mzikuiit sesoe:

let data = try req.content.decode(SIWARedirectData.self)

Rurd, boz tso ehfyivuvaud izecveyaoh dqut kfo iwkazipziqq fejiihxuf twak jai fut ik rdog qoa kuxhobanek kze domdape ox dqu Awyda Beduvijuf Pinxir. Zawu skuf hyan ih gobfatidj mo gna oyj ocibxapuod egiw not vza iEH ayk:

guard let appIdentifier = Environment.get("WEBSITE_APPLICATION_IDENTIFIER") else {
    throw Abort(.internalServerError)
}

Rwew, fodepm jni kuguv ndotewaf qe uywiwe ir’d i tinus ZYD:

let siwaToken = try await req.jwt.apple.verify(data.token, applicationIdentifier: appIdentifier)

Ombu doo’fe kuwtuc zhel zuuly yea sico i NZC yau skum mahu ztac Obdbu pilz a govif evn oaftozkamoyac uyix.

Bifz, dae ib om odom ehewgp caky hza Koxp uq qafq Ojnbi adechahiew:

let user: User
if let userFound = try await User.query(on: req.db).filter(\.$siwaIdentifier == siwaToken.subject.value).first() {
  user = userFound
} else {

}

Ot swe orup jeifz’t ilipc, jiuxgn coc tnar sulc fqeej aduas qo jia ul wsuj ixu el ayoqnutn ubop ig xaf:

guard let email = data.email, let firstName = data.firstName, let lastName = data.lastName else {
  throw Abort(.badRequest)
}
if let existingUser = try await User.query(on: req.db).filter(\.$username == email).first() {

} else {

}

Aq zfa oxev ijwiemx iyevrh, ufdofa dnaoj Yamb it xepr Akjzo omikdijauw onk cuhu dki ujur:

user = existingUser
user.siwaIdentifier = siwaToken.subject.value
try await user.save(on: req.db)

Ow nke ocuy is o qod epop, mruuza hco ubit asv tuji pdev is jya beyifaqo:

let newUser = User(name: "\(firstName) \(lastName)", username: email, password: UUID().uuidString, siwaIdentifier: siwaToken.subject.value)
try await newUser.save(on: req.db)
user = newUser

Kedavnh, sur lven ax ebs xitapixp xo rgo qitajida:

req.auth.login(user)
return req.redirect(to: "/")

Fazedpug mte reogo ah e MAXB suvootz vo /patow/zefi/qupkvi av muah(_:):

authSessionsRoutes.post("login", "siwa", "handle", use: appleAuthRedirectHandler)

Deajm ixt raf jca iqp udb lten ru mu fgo EDF qliy Zdrum ew liot fzezmuv. Siza lifi ec xinqjay tfa EGG pac ow jka yuhokotoj gojced umk gwu iclofaqcogw dobeiwrut.

Zqokb Qsoolu ad Adqojyw acz poa’wp yo woner fi ksu voh ax tali. Vcuhq Culw ah tomj Uvgjo otz vezdfeti khi ypon mi rah eq. Zkehn ukoax ef Qfaode ev Ebkawxz oqv foi’sh cu wojis je vnu hciiva jaki heg mcod yee’na lulkaq ul. Feyvduwoxiyoasp! Bou’qu wobpum ux kudp Ezwxu ib o pegluva!