In android user can google sign in into android app with Firebase Authentication.
But if app using WebView, logged user data does not affect it.
Is there a way to log in specific url of Webview ( or accounts.gooogle.com ) with signed user data ?
Example : www.example.com has Sign In with Google Button
In webview.loadurl(example.com) -> when click Sign In Button sending user to new page wants write email then password then two factor auth with user phone wants approve etc.. This is cancer for user.
But after one time login user can login other websites with one click to google signin button.
But, if user load same url with their mobile chrome -> when click log in button then select already added account and finish.
Or any way to log in with this url https://accounts.google.com/o/oauth2/v2/auth/... url ( most of websites redirect to this url when google log in button clicked ) contains form method=post. Can we login with user id_token inside javascript code?
So here two times user needs to log in
Here not
I tried to login with javascript code because we run that code on webview too. But I dont know js much.
Related
I want to send email link to user's email to authenticate user in my extension. How to automatically detect when the user clicked the link in email?
I've configured up to sending email. But my problem is extension popup still shows login form even after user clicked the link.
I'm using React.
How to automatically provision the access to user after he has clicked the email link?
How to automatically detect when the user clicked the link in email?
Firebase will log user on the device on which they clicked the link. Even if it's the same device, it'll most probably in a different tab. Easiest thing to do would be using Firebase Realtime Database.
When use enters email, send the sign in link and listen on a particular node in relatime database.
When use clicks on that link and is redirected to any page after login, update the value that node in RTDB.
When the update is received, do the changes required.
However this won't work is user uses the link on a completely different device so a custom solution might be needed.
i recently started working on a project that it required a Facebook login button.
I have successfully set up the button apart from the part where I must redirect the user to my dashboard area which must only be accessible to registered users.
From my understanding I need to fill this field here in the developers facebook settings page
which will redirect the user to my dashboard. I am guessing that the redirection link must include a token which will login the user automatically in my dashboard. Am I right so far?
My concern is if that link can be accessed by anyone and if someone get their hands on it can use it to login to my app without registering.
I integrated Google Sign-In on my website.
However, if I visit my website again without cleaning the history of the browser, it automatically signs in the website and moves to the redirected page.
If I sign out and go back to the sign in page, it does not automatically signs in, however, if I click the Google Sign-In button, it does not ask me my account and password and send me to the redirected page.
I want to make the browser stay at the sign-in page until a user clicks the Google Sign-In button. Also, I want it to ask a user her/his account and password every time.
How can I do that?
Thank you.
Last Part: I want it to ask a user her/his account and password every time. :
If user has authenticated the app (Give permission on first time), then it will not ask for username or password from next time that is 'Allow Access' page will not come. (Given User is also SignedIn in browser with same google account)
However if user is not signed in, then Google will ask to Sign in through pop up window.
First Part : Only cleaning the history will not help. Try clearing Cache of the browser (Ctl-Shft-Del shortcut).
I am working on login with facebook into our site. I am using facebook js sdk for this. Now, if I clicked on fb login button (which is placed in our site), it opens a popup window asking for user name and password. If I login here by entering correct username and password, its logging in, after that, it gives the required info to me. so, I am passing that info into our site and logging the user. No issue in this flow. But, if user already logged into facebook directly by opening facebook.com from browser and opened our site in separate tab . Our site will also contains "login with facebook" button. So, when user clicks on this button, it opens a login window and closes immediately without giving any user info. I guess it is because, user already logged into facebook. But here also I need the logged in user info. How do I achieve this?
Please help me out.
Any help would be appreciable.
I have ASP.NET web application that
Runs on public computers
Allows users to register by using their Facebook accounts.
Must always logout a user from the Facebook after registration has been completed.
Registration process contains the following steps:
Registration page is shown with the Facebook icon.
When user clicks on the Facebook icon, he is redirected to the Facebook web site.
On the Facebook site user enters his email and password and clicks login.
On the Facebook site user clicks Allow to authorize my application.
User is redirected to my application.
The application registers used in the database.
The application calls FB.logout in order to logout from the Facebook. So when new user starts registration he cannot use account of previous user.
The application works perfect until user clicks Cancel at step 4.
When this happens, the browser is redirected to my application, the user remains signed into the Facebook but the application is not authorized by this user. This means that the application cannot logout this user from the Facebook by using the FB.logout method because the application does not have access token.
How to logout from the Facebook in this case?
Thank you.
How to logout from the Facebook in this case?
Not possible at all.
If logging a user out without a valid access token was possible, then every website I’m visiting could do that if they liked – I’m sure you can see how annoying that’d be to users, and that it’s therefor not possible.