Facebook login without javascript - javascript

i have a page tab where users press like and then using the js sdk i ask to grant the app for some permissions..
in order this to work on mobile devices since page-tab are not available, i have used mobile-detect..
the problem is that i don't want at mobile version the js popup but the native login window..
this can happen using the login without javascript
https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/#confirm
the problem is that i m completely lost, at the redirect after the login..
header("Location: https://www.facebook.com/dialog/oauth? client_id=487296798007389&redirect_uri=URL_TO_REDIRECT_TO/success.php&scope=email,friends_l ikes&response_type=token");
if i use the response_type code i get a code from which i can't get access token..
if i use the response_type token i get a access token with a hash tag on top and i don't know at all how to handle this..
can someone give me some quite lines on how should this be treated in order to retrieve userid
do i need to set my app to sth else apart from only page tab? since the mobile version will be accessible from my own domain?

i found these two very usefull
with this i do a php login that it server me better in a specific occassion than js..
https://developers.facebook.com/docs/php/howto/profilewithgraphapi/
and this
Facebook login without pop-up?
it let me use js, but instead of login (that would pop up on mobile) i could use the redirect link and have similar result..
however, i noticed a case in which on some devices the second case ended in infinite loops without obvious reason

Related

Allowing to load web pages directly from browser and navigating through browser buttons?

Is it good to allow webpages to load directly from browser url field or browser back buttons?
Our webapplication is working fine if any user navigates through home page, but some users are directly accessing the web url in the browser and raising issues that it is not working fine.
Can you please suggest do we need to support loading the urls through browser or allow to navigate through home page?
Some banking websites gives a warning saying to do not use browser urls or browser buttons to navigate between pages i.e. they will warn to do not press browser back button to navigate to previous page etc., so is it correct idea then?
Yes! Ideally, you should let your users use the links directly and have the website function as usually does. This is ideal if they use, for example, their "recent webpages" functionality on their browser, they want to revisit some page from their history, or they visit the webpage so often it appears on their recommended webpages list (This is a functionality present in some browsers, such as Chrome).
A good way to achieve this is query parameters.
Overall, you should expect your user to access the website from other places than the homepage, and have some logic to handle it in such a webpage that the website doesn't become broken.
However, there are some situations where it's just impossible to have the website work as expected without some previous action done by the user (For example, filling a form or being authenticated. In some cases, your user might need to be authenticated to visit a specific link, and ideally, because of security, user sessions should eventually expire). In this case, having safeguards that redirect the user to some previous page where they can begin their flow again (Such as, the login page) is better than nothing.
How to implement this depends a lot on the stack being used (Programming navigation varies between React and Angular. You might not even be using a library or framework at all!). More context would be needed to suggest an approach.

Send information from one browser window to another

I have a SPA that I cannot leave due to the fact that if the user leaves/refreshes, some information might be lost.
I want to implement the Instagram API, however the API requires that you browse to a different URL, login, receive a code in your URL, and then get redirected back.
Since I cannot do this directly from my site, I must open a new window to do this.
How can I retrieve the code from the URL in a separate window to send back to my site in the original window?
I have looked at websockets (need a server, so no) and WebRTC (on localhost, did not seem to work) already with no luck. Any suggestions?
If the API allows using an iframe, you can watch what's happening inside the iframe or communicate from inside the iframe using parent.instagramLogin(data) (where instagramLogin is a function you defined outside the iframe).
An alternative option is to automatically close the login tab once the login is finished, and when the main tab is focused again (window.onfocus) send an ajax request to check if the login was completed. (and of course keep checking every time the event fires until you get a result or until it becomes irrelevant.)
Update:
I found a reliable way to communicate between open tabs, using BroadcastChannel if supported, otherwise storage event from localStorage. You can find the details here, and someone in this link even made a small library to make it quick and easy.

Redirecting Prior To Page Display (AngularJS)

Got an AngularJS app set up, where some views require you to be logged in. Other views are publicly available. Ideally, the user would be redirected to the login page (which is currently outside the scope of the app) before any of the view is displayed.
Since it has to redirect depending on the hash-value, this can't be done back-end. I have the redirecting working alright within the js, although there is the issue that using $window.location.href does not seem to prevent the javascript from running. So you still get that quick flash of what was on the page.
Note, all info is validated back-end as well, so the user can't see anything they're not meant to. It's just a matter of UX. Would prefer not have the page quickly flash before redirecting.
Is there any way to tell the browser to stop executing after $window.location.href?
EDIT:
While not an optimal solution, I've decided to have the <body> hidden by default. Then I use an if-else to either redirect or show the body.
I'm still interested, if anyone can think of a better solution?

Website FB login redirects to blank page

I'm getting a blank permissions page on facebook login using the Javascript SDK. It was working for the last few days and I'm not sure what I changed. I don't seem to be using my app secret anywhere (I do define the API key). Are there any suggestions for troubleshooting? The Facebook debug page unfortunately just had me add some meta tags related to open graph which didn't change anything. I've tried looking at the 100s of other questions like this but can't figure it out. I tried reverting to an older version of my code so I'm pretty sure it's something with the Facebook, but it was working.
The blank page is in the popup window and has something about permissions in the URL. My site doesn't require any permissions though.
This is the URL in the login window after signing in:
https://www.facebook.com/dialog/permissions.request?_path=permissions.request&app_id=number_I_removed&redirect_uri=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D11%23cb%3Df8917d1784b726%26origin%3Dhttp%253A%252F%252Fpostacle.com%252Ffd565a0d8d775e%26domain%3Dpostacle.com%26relation%3Dopener%26frame%3Df12565ffe5570f2&sdk=joey&display=popup&response_type=token%2Csigned_request&domain=postacle.com&fbconnect=1&from_login=1&client_id=number_I_removed
If I reload my page I'm signed in correctly. The app ID and Client ID are the same in the URL. Not sure if they should be but wasn't specified a client ID or means of generating one.
OK, so of course I left out a critical detail: I'm using Django. Further, I'm so reliant on Django I was serving my Facebook channelUrl in a view. Facebook's API didn't like that. After reading the story of a similarly cursed fellow, I changed my ways: URL links directly to channel.html file. No more sorrows.

Opening Phonegap ChildBrowser Plugin Window Just for Website Authentication?

I have a slight issue that someone might be able to point me in the
right direction. As I'm a web guy but have little knowledge of
objective c.
I am trying to retrieve some information from a website in javascript
in my project that requires me to post login information to it (no
problems there using Jquery $.post). The page I'm trying to return is
only accessible after logging in (in a browser the site checks cookies
and user-agents plus a bit of javascript leg work).
How can I create a hidden UIWebView that would do the login page
(there for creating the correct session variables etc) so that I can
retrieve the information I need?
Or is there a way I can get ChildBrowser Plugin to do this for me? If
so how would I tell the Childbrowser window to close once it has
reached the post-login page ?
I ended up finding some type of solution.
http://www.pushittolive.com/post/1239874936/facebook-login-on-iphone-phonegap
Using that example I was able to set up childbrowser to open the login-action page, then detect the change and close the browser window.

Categories

Resources