I have an app that allows a user to login with facebook. Is there anyway to keep a device authorized. For example, every time a user needs to login with facebook they are routed to the facebook application, where they are then routed back to my app. Is there a way to check for an access token and not re-route the user. I am using expo-facebook package and react-native.
For the first time when user wants to login with facebook then Routing to the facebook API is necessary its official in the FB API docs ! But on second attempt it will not redirects you to the facebook to get data ,it implies fetches the token and you can move on !
Related
Hi I want to get a twitter user access token/refresh token so that My application can post/read tweets on behalf of the user..
I have a button in my app.. on clicking of the button, I need to show something like below image -
user should be able to provide his/her credential and if it is already logged in to twitter then he/she should only see authorize app button..
I created a new app in my developer twitter account.. but little clueless on how to get user's access token to post/read behalf of him...
Twitter uses OAuth1.0a unlike Facebook which uses OAuth2.0. The difference between OAuth1.0a and OAuth2.0 is that OAuth1.0a is more secure and you should use a server-based authentication flow because it involves api keys and secrets which we shouldn't be sharing with angular app.
On server side (NodeJS/Django, etc) you should use a client library for OAuth1.0 which will help you in complicated process of signing requests befores sending it to twitter.
Here is a useful link (which I also used) for you to implement the server flow:
https://github.com/requests/requests-oauthlib/blob/master/docs/oauth1_workflow.rst
Basically, the OAuth flow for twitter is as follows:
Send a POST request to oauth / request_token
You will get the authroization url from Step 1 like this https://api.twitter.com/oauth/authorize?oauth_token=XXX which you will redirect the user to so that they can authorize your app
Twitter redirects the user to your redirect url (which you sent with the request in previous step) with access_token and verifier.
You need to exchange the access_token and verifier for the actual usable user access token by sending a POST to oauth/access_token.
You can find more details for 3-legged OAuth flow here: https://developer.twitter.com/en/docs/basics/authentication/overview/3-legged-oauth
I am new to javascript and angularjs. I want to have login and roles for my angular app. I have written java rest api for login. When I call login API with user credential it returns TOKEN and ROLES. I also have TOKEN verification API which will verify TOKEN is valid or expired.
My requirements are
When user is not logged in then page should always route to signin page (/signin). Users should not be able to go to any other page by changing the URL like '/home' etc.
When user calls login API it returns TOKEN and ROLES. So each page should route based on ROLES.
example: should route to '/home' only if User entered correct credentials AND user ROLE is 'Admin'.
If user log in then user should not be able to go to '/signin' until user logs out. When user enters '/signin' it should always re-route to '/home'.
When logged in user close the browser and opens it again it should route to '/home'. (TOKEN and ROLES has to be stored in localstorage or cookies after user logs in successfully. and when user opens app it should check if TOKEN and ROLES available in localstorage. If NO then redirect to '/signin' If YES Redirect to home page and should load user info stored in localstorage.).
I want all the routing using UI-Router as I used it for my rest of the works
As I am new to frontend development and javascript - angularjs, I tried out many git projects. But I could not able to implement in my project. I want all the routing should happen using "ui-router".
Please help me and bear in mind that I am newbie in angularjs and javascript.
I try to build a web application that, through it, I can publish post on Facebook.
Problems come out when i wanna log the user without showing login popup, but only insert text and send message, without that nuisance.
But the login popup it's useful for provide use of my app to all user Facebook.
This app it's exclusive for one person, so i don't need that all user Facebook use my app. So I thought a login in function only for API ID/KEY owner
It's possible?
I have ASP.NET web application that
Runs on public computers
Allows users to register by using their Facebook accounts.
Must always logout a user from the Facebook after registration has been completed.
Registration process contains the following steps:
Registration page is shown with the Facebook icon.
When user clicks on the Facebook icon, he is redirected to the Facebook web site.
On the Facebook site user enters his email and password and clicks login.
On the Facebook site user clicks Allow to authorize my application.
User is redirected to my application.
The application registers used in the database.
The application calls FB.logout in order to logout from the Facebook. So when new user starts registration he cannot use account of previous user.
The application works perfect until user clicks Cancel at step 4.
When this happens, the browser is redirected to my application, the user remains signed into the Facebook but the application is not authorized by this user. This means that the application cannot logout this user from the Facebook by using the FB.logout method because the application does not have access token.
How to logout from the Facebook in this case?
Thank you.
How to logout from the Facebook in this case?
Not possible at all.
If logging a user out without a valid access token was possible, then every website I’m visiting could do that if they liked – I’m sure you can see how annoying that’d be to users, and that it’s therefor not possible.
I am trying to integrate Gigya(www.gigya.com) javascript api for social network login . I am successfully login with facebook. Also when I click on logout button it seems that i get logout from facebook. But when I again click on facebook login button then it not asking for login id and password, directly get login from my account.
The code is use is as follows:
gigya.services.socialize.logout(conf, {});
I have searched on gigya's forum and i found that it only logout from gigya's platform but not from the facebook.
Can any one know, how to get out from this problem? Please help..
they have maintain their cookies and session that's why you can not logout from all for example stackoverflow if you used openId then you know that. when you login using openid for e.g. google account id then open gmail you directly view your inbox and if you logout from the gmail/stackoverflow then only one of them will logout because they have maintain individual cookies and session for login time they for openid they create cookies related to that service provider like google or anyelse
for this to happen we need to set the flag forceProvidersLogout to true in the params that we sent to gigya.
Refer to the api link # http://developers.gigya.com/020_Client_API/020_Methods/socialize.logout