Fixing Multipasses Without Unique IDs

While the Tender Multipass functionality has been around in Tender for awhile, we only just recently started adding support for unique IDs across your users. Unique IDs are pretty important if you don't want Tender to create new user profiles every time one of your users changes their email address. If no unique ID is set, then Tender uses the email address as the default.

This example will go through the steps to set unique IDs for all Lighthouse users in http://help.lighthouseapp.com.

First, we updated the generated Multipasses from Lighthouse. The template code looks something like this:

<a href="http://help.lighthouseapp.com?sso=<%= CGI.escape(current_user.multipass) if logged_in? -%>" 
  title="File a support request">
  <strong>Lighthouse Support</strong></a>

The old multipass was generated from the email, name, and expires fields:

  def multipass
    @multipass ||= self.class.multipass.encode(
      :email => email, 
      :name => name, 
      :expires => 30.minutes.from_now)
  end

We simply added a unique_id that matches the internal Lighthouse ID, and alternate_id that matches the email. This ensures that existing users have their unique_id attributes updated the next time they log into Tender with the Multipass token.

  def multipass
    @multipass ||= self.class.multipass.encode(
      :email => email, 
      :name => name, 
      :expires => 30.minutes.from_now,
      # use an MD5 hash to protect the real internal ID from Tender
      :unique_id => MD5.hexdigest("lh-#{id}"), 
      :alternate_id => email)
  end

You can also perform a bulk update with your users through the Tender API.

curl -H "Accept: application/json" \
  -H "X-Multipass: THE-MULTIPASS-TOKEN" \
  "https://api.tenderapp.com/lighthouse/profile"

Assuming you pass in a proper Multipass token with the unique_id and alternate_id attributes, this should update the user's external_id json attribute.