I have the following method:
function CompleteFbData() {
FB.api('/me', 'get', {fields: 'id,name,email,birthday'}, function(response) {
$("#profile_full_name").val(response.name);
$("#profile_email").val(response.email);
$("#profile_telephone").focus()
$("#loginbutton").remove();
});
}
This should return me id, name, email and birthday from my user's facebook account. However, it sometimes will get me only the id and name.
Eg1:
returns email
Eg2:
doesn't return email
Since it's important that I always get the user email for my application, is there a way I can ensure it will always get the email?
Thanks for your time.
EDIT: I understand that a Facebook account doesn't necessarily have an e-mail associated to it, so I must change my application.
However, in the examples I printed, the accounts used were created by myself, both have e-mails associated to each one of the. Still it did not return the email in one of them.
Note: this happens a lot, sometimes it returns sometimes won't return. Couldn't understand why and when it happens.
Facebook api requests don't return email if the email isn't valid. Do both the emails you have used for the separate accounts have valid # addresses? also has the email been verified via facebooks verification email?
Try this and if it works..woohoo!
Related
Is there any way to create custom recoverEmail link in firebase/firebase-admin?
I've checked the docs and tutorials there's none.
Any help would be great!
From my understanding there is currently no solution for this within the SDK. Instead, we took the approach of using admin.auth().generateSignInWithEmailLink(email, actionCodeSettings) and then replacing the mode within the returned link from signIn to recoverEmail.
const updatedLink = link.replace('signIn', 'recoverEmail');
This allowed us to customise the auth handler action as suggested here Create the email action handler page in the Firbase documentation.
Now we are able to call on admin.auth().updateUser again to reset the email to it's previous, along with update across our databases, merchant and other services. You'll also need to add the original email to a query in the updatedLink too.
const linkWithOriginalEmail = updatedLink.concat(`&email=${email}`)
Hope that helps and if anyone has a better solution we'd love to discuss.
I´m not sure if I understand your problem correctly, but If your goal is to have a custom link in the automatic email sent by Firebase when someone changes his authentication email address with updateEmail then you can define a custom action url in the Firebase console e.g. https://example.com/__/auth/action in the Authentication section and add the following code to the defined url (ref. https://firebase.google.com/docs/auth/custom-email-handler).
function handleRecoverEmail(auth, actionCode, lang) {
// Localize the UI to the selected language as determined by the lang
// parameter.
var restoredEmail = null;
// Confirm the action code is valid.
auth.checkActionCode(actionCode).then(function(info) {
// Get the restored email address.
restoredEmail = info['data']['email'];
// Revert to the old email.
return auth.applyActionCode(actionCode);
}).then(function() {
// Account email reverted to restoredEmail
// TODO: Display a confirmation message to the user.
// You might also want to give the user the option to reset their password
// in case the account was compromised:
auth.sendPasswordResetEmail(restoredEmail).then(function() {
// Password reset confirmation sent. Ask user to check their email.
}).catch(function(error) {
// Error encountered while sending password reset code.
});
}).catch(function(error) {
// Invalid code.
});
}
I have a scenario that requires checking an entered password against the user's firebase password before the user does an irreversible task. This is different from creating an account or signing in. How can you check against a firebase password? It doesn't look like there's a password property in firebase.auth().currentUser.
Update:
The user must verify their password and the Delete button will run a function to check it. If it matches the firebase password, the Delete button will succeed in triggering a pretty modal to pop up.
I would suggest you to store the user password somewhere if you need to check against it at some point.
Instead of storing it inside your database (which wouldn't be safe) I would personally store it on user's device using UserDefaults so that you can access it easily whenever you need to perform your sensible tasks.
Update:
Another possibility would be using the reauthenticateWithCredential method. If the method return success then, perform your sensitive task. If it fails, ask your user to type the correct password.
As per your request, this is how you would reauthenticate the user using his email & password :
// First you get your current user using Auth :
let currentUser = Auth.auth()?.currentUser
// Then you build up your credential using the current user's current email and password :
let credential = EmailAuthProvider.credential(withEmail: email, password: password)
// use the reauthenticate method using the credential :
currentUser?.reauthenticate(with: credential, completion: { (error) in
guard error == nil else {
return
}
// If there is no error, you're good to go
// ...Do something interesting here
})
You can find some more explanation inside the Firebase documentation here : https://firebase.google.com/docs/auth/ios/manage-users
I have an interface in my website where a user can create an "unclaimed" order for another user and send them an invitation. The invitation link will be formatted as /enrollment/orders/:_id, where _id is the id of the order.
One catch is that this can be sent multiple times. On the first time, the user that is invited might not have a password set.
Meteor.publish('enrolled_order', function (token) {
// if user has their password reset, token will also be set for user's account
return Orders.find({
'enrollment.token': token
});
});
Here's the catch: During this publication, I want to check certain aspects of the user record and take different actions instead of publishing it. For security, I believe this will need to be done on the server to work appropriately.
if there is no this.userId, I want to send them to login.
if the user does not have a password set, I want to redirect them to the reset password page.
Is this possible via a meteor publication?
I think you would need to do this in the router. If you're using Iron Router, you could use onBeforeAction to check whether the user is logged in:
Router.route('/enrollment/orders/:_id', {
subscriptions: function() {
return Meteor.subscribe('enrolled_order', this.params._id);
},
onBeforeAction: function() {
if( ! Meteor.userId() ) {
Router.go( 'loginTemplateName' );
}
}
});
You aren't going to want to return the hashed password directly to the client, so maybe setting a variable to say whether the password exists or not might be the best approach?
I can't remember if onBeforeAction happens before waitOn, but you might be able to get away with waitOn instead of subscriptions.
So, I'm currently using a Facebook login button API. What I wanted to do was for my code to add the user's email after the user logged in, into the SQL database. I'm having trouble understanding how to access the information of the email in the PHP code. This is all done on an HTML page but the HTML page doesn't hold variables and I tried running the javascript function to no avail.
Part of my code is
function returnEmail() {
var url = '/me?fields=name,email';
var email = '';
FB.api(url, function(response) {
console.log('Successful calls email function');
email = response.email;
});
return email;
}
This essentially returns a string variable that represents the email value. I'm not familiar enough with PHP and how it interacts with Javascript to understand how I can get that email information and then add it. Thanks if you can provide any help!
I would like to let a user enter a facebook page name and validate that it is a facebook page and nothing else.
To accomplish that I've used ajax to call graph.facebook.com/{str} where {str} is a pageName a user is requested to enter, but the problem is that any string can be entered and if a user enters a string which is a facebook profile, it will return a facebook object.
How do I validate using graph.facebook.com/{str} that {str} is a valid facebook page name ?
I've tried using graph.facebook.com/search?q={str}&type=page but it returns close results too even if the {str} that was entered wasn't found.
Thanks
Instead of using Graph API I would suggest you to instead use the Page FQL which is indexable by the name field, and would only return data if the name corresponds to a Facebook Page and not for a User.
Edit
select name from page where name='ign'
Which would give you the result for IGN's page, but if you do the same for any user it would return nothing.
Some fanpages don't have short username:
https://www.facebook.com/pages/Fanpage-name/FANPAGE_ID
in this case, you should send FANPAGE_ID instead of username. Valid fanpage will have fields like
"is_published": true,
"likes": 27134,
check graph api result for public profile:
http://graph.facebook.com/zuck
and fanpage:
http://graph.facebook.com/facebook