Add portal account creation to API

digibandit

The UI already supports creating portal accounts when adding/editing contacts (via agent/post/contact.php), but the API endpoints don't expose this functionality.

Use case

Automating client onboarding via n8n/webhooks. Create contact + portal account in one API call, then send welcome email with credentials. Update existing contacts to add portal access later.

Requested addition to api/v1/contacts/contact_model.php:

if (isset($_POST['contact_auth_method'])) { $auth_method = sanitizeInput($_POST['contact_auth_method']); } else { $auth_method = ''; } if (isset($_POST['contact_password'])) { $contact_password = trim($_POST['contact_password']); } else { $contact_password = ''; }

Requested addition to api/v1/contacts/create.php (matching existing agent/post/contact.php logic):

// Create User Account for portal access $user_id = 0; if ($name && $email && $auth_method) { if (!empty($contact_password)) { $password_hash = password_hash($contact_password, PASSWORD_DEFAULT); } else { $password_hash = password_hash(randomString(), PASSWORD_DEFAULT); } mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password_hash', user_auth_method = '$auth_method', user_type = 2"); $user_id = mysqli_insert_id($mysqli); }

Then update the INSERT to include contact_user_id = $user_id.

Requested addition to api/v1/contacts/update.php (for updating existing contacts):

// Update or create User Account for portal access if ($auth_method && $email) { if ($existing_user_id) { mysqli_query($mysqli, "UPDATE users SET user_name = '$name', user_email = '$email', user_auth_method = '$auth_method' WHERE user_id = $existing_user_id"); $user_id = $existing_user_id; } else { if (!empty($contact_password)) { $password_hash = password_hash($contact_password, PASSWORD_DEFAULT); } else { $password_hash = password_hash(randomString(), PASSWORD_DEFAULT); } mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password_hash', user_auth_method = '$auth_method', user_type = 2"); $user_id = mysqli_insert_id($mysqli); } mysqli_query($mysqli, "UPDATE contacts SET contact_user_id = $user_id WHERE contact_id = $contact_id"); }

API usage would be

POST /api/v1/contacts/create.php

{"api_key": "YOUR_KEY", "client_id": 1, "contact_name": "John Smith", "contact_email": "john@example.com", "contact_auth_method": "local", "contact_password": "TempPass123!", "contact_technical": 1}

PUT /api/v1/contacts/update.php

{"api_key": "YOUR_KEY", "contact_id": 123, "contact_name": "John Smith", "contact_email": "john@example.com", "contact_auth_method": "local"}

New parameters for docs

contact_auth_method (string, optional): Set to "local" or "azure" to create portal account
contact_password (string, optional): Portal password (random generated if auth_method set but password empty)

This mirrors the existing UI behavior exactly.

Needs testing and review, obvs.