I have a PWA app where one of the options you have to sign-in is Facebook, everything goes well and if you're in the browser the login works really well. The problem happens when you add the website to your mobile and it opens in PWA and you click log-in from Facebook it opens a blank page and it doesn't redirect to the app, if you close the page, go back to the app and click again facebook the user is logged in, but does anyone has any idea how to get rid of the white/blank page?
I have tried 'redirect_uri' and 'display: touch,' but none of this seems to be working anymore.
A blank page after login is a common problem when using Facebook as a sign-in method, especially when we’re in development mode.
It happens because you already logged in and authorized the app, so when it tries to log-in again, it goes blank.
The most straightforward way to fix this is first to check if the user has already logged in and authorized your app before calling the .login() function.
Luckily, Facebook provides a function to do it, where they handle (almost) everything for you.
The getLoginStatus() function
The getLoginStatus() functions determines 1) if a user is signed into Facebook and 2) if the user has already authorized your app.
There are three possible states for a user:
The user is logged into Facebook and has authorized your app, in this case, the function will return: connected.
The user is logged into Facebook but has not authenticated your application, in this case, the function will return: not_authorized.
The user is either not logged into Facebook or explicitly logged out of your application, in this case, we don’t know which one is it, that’s why it returns: unknown.
For example:
When we call getLoginStatus() we’ll get an object similar to this:
{
authResponse: {
userID: '12345678912345',
accessToken: 'kgkh3h4gkh3g4k2h4gk23h4gk2h34gk234gk2h34AndSoOn',
session_Key: true,
expiresIn: '5183738',
sig: '...'
},
status: 'connected'
}
There you can see there’s an authResponse object and a status object. We’ll focus on the status object first, checking for each of the three possible responses.
this.facebookProvider.getLoginStatus(response => {
if (response.status === 'connected') {
// User Authenticated and your App is authorized
} else if (response.status === 'not_authorized') {
// User authenticated but your app isn't authorized yet.
} else {
// the user isn't logged in to Facebook.
}
});
Try this and try to logout first from Facebook before you make call from PWA.
Related
I have managed to setup a custom login system using Firebase. The user enters email/password and is redirected to the main page(which is private). I am having issue with onAuthStateChanged after logging in. When I check the auth state after logging into the main page, i get invalid user (null). The firebase dashboard shows I have logged in successfully but onAuthStateChanged is the opposite.
I am trying to check if a user is logged in to my html pages, if not I want to redirect them to the login page. I like how the authentication works in firebase but I need to protect my html pages not my divs (which is what the vast majority of firebase auth tutorials show).
If anyone has an easier way to password protect a web directory that looks nicer than HTaccess, please advise (I am not crazy about using wordpress for password protection, but its an option). Otherwise, I guess I will have to do this in PHP. Thanks in advance!
(function () {
firebase.auth().onAuthStateChanged(function(user) {
if (user) {
// User is signed in.
console.log(user);
console.log('A user is logged in.');
} else {
// No user is signed in.
console.log('Invalid user. Redirecting to root.');
window.location.replace('../index.html');
}
});
})();
If you navigate to a new page, Firebase will have to initialize again. As part of that it will try to restore the user's authentication state, but this requires a call to the server which takes time.
For that reason the onAuthStateChanged listener will initially fire with null as the current user (and auth.currentUser is set to null). Then once the user is signed in, the listener fires again with the user object for that user.
If you want to detect this initial state, you can either store some token value in the browser's local storage that you can check for yourself on the new page, or you could set a time-out for when you expect the user to be re-signed in and only then navigate away to the index.html page.
I am using the python version of GAE. For most pages I authenticate the user server side with google.appengine.api.users
user = users.get_current_user()
if user:
# Great user logged in proceed
...
else:
# Oops user not logged in and/or App not yet authorized
# Present user with login dialogue then redirect here
So the user logs in and authenticates my app. Sometime later the user encounters a page with some java script functionality that uses google endpoints. The user is still logged into the page but it seems like I am forced to present another login dialogue before the endpoints api server side recognizes the User
Relevant JS Code:
iaw.signin = function(mode, callback) {
// Hoping setting mode to true here (no authorization prompt)
// magically figures out user already logged into browser and
// picks up relevant token/headers to feed to endpoints and
// verifies user authorized and logged in
// note: callback = iaw.userAuthed
gapi.auth.authorize({client_id: iaw.CLIENT_ID,
scope: iaw.SCOPES, immediate: mode},
callback);
};
iaw.userAuthed = function() {
var request = gapi.client.oauth2.userinfo.get().execute(function(resp) {
if (!resp.code) {
console.log('Succefully logged in');
}
else
{
console.log('Not successfully logged in');
}
});
};
Version of code above always prints "Not successfully logged in". If I follow the google example and call gapi.auth.authorize({ immediate: false}) it will present the user with another login dialogue and then everything works.
Is what I am trying to do possible? It just seems unfortunate in some cases to ask my user to login (authorize backend server code) and then immediately ask them to login again (authorize my javascript client code).
I'm developing an App with the Javascript and PHP SDK's. The javascript logs the user in, then passes off to the PHP code for most of the work.
The problem that I'm having is that test users and "real" users work differently. I'm calling FB.login, with scopes beyond the standard:
FB.login( function(response) {
if (response.authResponse) {
handleLoginStatusChange(response);
} else {
console.log('User cancelled login or did not fully authorize.');
}
},
{
scope: 'email,public_profile,manage_pages',
return_scopes: true
});
When this runs for the test user's account, the javascript presents two permissions windows - the first one for "public profile and email address", click "Okay", and I get a second one "manage your Pages". No warnings. And my app proceeds normally.
When I run it on a "real" account, the second window doesn't pop up, so my app doesn't have permissions to manage pages. Any idea why the two accounts would be behaving this way?
As CBroe pointed out, the App hadn't been properly reviewed. Thanks.
What is the way to do the app logout when the user is logged out from Facebook?
Let's consider the following situation: I've got the app that build into the webshops, so I somehow need to know the login status of the user. When the user logs into facebook and then into my app, he can 'save' or 'bookmark' the page. There's an option - to provide the logout button which logs out from the app, and then from facebook.
But my problem is the opposite: how to detect if the user has logged out from facebook - inside my app, which is built into the webshop? There's no way to detect it from the backend, only the js. Can I somehow build in the facebook login status change into my js code so it will do the check right away when my js snippet has loaded on a website?
You can make a simple graph api request like
https://graph.facebook.com/me/?access_token={your%20access%20token}
If user is logged in then you will receive a response with user information otherwise you will get a response as follows
{
"error": {
"message": "Error validating access token: This may be because the user logged out or may be due to a system error.",
"type": "OAuthException",
"code": 190,
"error_subcode": 467
}
}
Using this you can differentiate whether is user is logged in into fb or not.
Thanks,
Pranav
Could not find any reasonable solution, so did the following:
every request is directed to the app
on the app landing page Facebook JS SDK checks the login status and handles everything
I've implemented a Facebook login on a website, using the Javascript API and FBML.
When the user clicks Login, enters their credentials into the popup window, goes to the next stage and clicks 'Don't Allow' when prompted for permissions, the window simply closes and nothing else happens.
I want to change it so that when the window closes, the browser then redirects to a URL of my choice.
Is this possible with my current setup, using the Javascript API?
I'm assuming you mean XFBML, since you can't use anything except FBJS in FBML. This code is from the FB.login documentation:
FB.login(function(response) {
if (response.session) {
// user successfully logged in
} else {
// user cancelled login
}
});
Whatever goes in that else block is what happens if you don't get an authorization. top.location.href would work there.