I've been trying to find the appropriate resources for the last 2 days but all resources I find are for embedded apps and I hope someone can point me in the right direction at least.
I have an external CRA custom app that I don't want embedded in the shopify admin. It is a custom dashboard pulling information from Sanity IO not for customers. Some of the same information is also being pulled into Shopify and displayed on the storefront.
Question is how do I authenticate the app from the CRA front? I can get to the redirect address with the hmac and shop url params.. but what then?
Greatly appreciate any help!
To connect your App to Shopify you still can do the oAuth dance. Has nothing to do with whether your App is embedded in the Shop or not. You would do oAuth with the Shop, get a token to do your API work, and save that token. Now the App is used OUTSIDE Shopify all you want, as you wish, but internally you can make all the API calls you want that you asked for scopes on.
Basically, just outfit your App with oAuth flow as per any other type of App that uses oAuth, and you're good to go.
Related
The AWS Mobile React Starter Kit is great, but it doesn't let users see anything without logging in first. I'd like to build a web app where unauthenticated users can query parts of the database, but can't make any edits. I've tried poking around in the AWS configuration, but so far I've only broken the app, not gotten it to do what I want.
Can anyone advise with the general steps to follow?
What I've tried:
Commenting out the first PublicRoute element in /src/index.js, then modifying the last one to redirect to /main/home instead of /login
Changing MobileHub configuration of the API from Private to Protected
Created a duplicate role (that I planned to remove write permissions from, once it worked) and selected it for unauthenticated connections in Cognito
Looked around for clues in the \awsmobilejs directory of the project folder, without luck
I want to move my angularJS web app to ionic hybrid app. I have done a lot of work all ready however I am confused on "autologin" topic. There are a lot of different information on internet, also the official docs are a bit unclear to me.
The scenario I am looking for is standart - on first lunch user creates account, logs in and next time he open app he is already logged in.
A lot of resources suggests to use localstorage. However there a some threath that it is not safe because IOs can clean localstorages.
So if that is not a good option, what is? Cookies?
I have spent hour reading and testing different approaches but well even more confused than ever. It seems to me as such important feature of hybrid app that there should be a good implementation... Would appreciate any help/suggestions/examples/links...
My ultimate goal would be that once authorized user can access and manipulate his profile data even if in offline mode. That means that opening app allready logs him in an his profile info is stored as well.
My minimum viable goal would be that when app is opened app recognizes user, checks as logged in, redirects to logged in state and makes http to get all user details. While user is waiting for that response there are loading spinners but he can start to use logged in app experience
I am working in Cordova ionic app, where I have stored token in localstorage. But it's not a good process. Have a look at Google FIREBASE. They have a good solution for you.
I would like to show number of visitors on a site since beginning of the month, number of users on the current day and currently on site.
I have Google Analytics installed, I tried to solve this issue with Embed API by enabling Google Analytics API from developer console - but I requires user authorization, etc.
What would be the easiest way to show analytics on-site without user authentication and accepting access by Embeded API, etc. Application is written in Angular, so Javascript API is the one I look for.
Thank you for any suggestion.
Authorization has to happen in order to get the data you want. Either you can let visitors to your site authorize themselves, or you'll have to authorize server-side on their behalf.
Once authorized, you can do something similar to what the Third Party Visualization Embed API demo shows. It uses a custom ActiveUsers Embed API component and includes the source code to show how it works.
Whether you use the ActiveUsers component or not, the basic gist is that once the users is authenticated via the Embed API, you have access to the method gapi.client.analytics.data.realtime.get, which you can use to query this data.
Here's where that happens in the source code for the ActiveUsers component:
https://github.com/googleanalytics/ga-dev-tools/blob/master/src/javascript/embed-api/components/active-users.js#L69-L87
Authentication with the Analytics service is mandatory. But the OAuth 2.0 Service Accounts (for Server to Server Applications) can be used to automate it in many cases.
It's unclear to me (from a quick scan) if the Auth options of the Embeed API would work with the automated authentication scheme, you may want to go through the details.
You should be able to use the Analytics Core Reporting API and maybe the Analytics Real Time Reporting API (beta) which work with the automated authentication according to their guides (look for the Authorisation sections on the left frames of the respective guides).
Donno if this qualifies as easy, tho, YMMV :)
I am having a weird issue. I created an application on Google App Engine and have a Login with Facebook button on it, for which I am doing server side authentication.
I give the redirect_url, and facebook was calling the URL correctly with no issues. The session parameters that I set were being retrieved on the redirect call and everything was working fine.
Yesterday, I got a domain on godaddy and mapped it to my appspot account using google apps. Now when I click on Facebook login, I am getting two calls on the redirect uri, the first one carries the session varaibles and the session one doesn't. I am not very familiar with domain mapping and followed the steps on Google Apps.
Can anyone help me in the right direction on this.
it's a little out of date, but i documented some GAE to Facebook gotchas here:
http://javagwt.blogspot.com/2010/08/facebook-apps-on-app-engine-without-any.html
It may also help to read about naked domain mapping with godaddy, to make sure you're not getting bounced around. Even though you are mapped to your domain through google apps, you can try to put the redirect URL for facebook as yourappid.appspot.com - the redirect URL you provide, and the one in your facebook app settings must match.
My app, nimbits.com writes to facebook from GAE all of the time - the code is on github under server/facebook
https://github.com/bsautner/com.nimbits/tree/master/nimbits-tds/src/com/nimbits/server
Thanks for the answers bsautner and Michele. I finally figured out the issue. I have google ads on my website. The google ads was trying to parse the URL content and creating a second request for every request that I create. After removing the google ads, I get a single callback with session values retained. It all works now. The final output is this website - www.imagecrashers.com. I will be glad for any suggestions from the gurus here, regarding layout or api calls simplification. Thanks again to all.
so my idea is pretty simple. But I don't know where to start.
develop a simple RESTful API on my app engine server using the simple webapp framework.
there will be two kinds of clients:
1. Normal pc users access the facebook application, and this will directly place API calls to my app engine server.
( Please note, that the facebook application itself is hosted on the same app engine server)
Iphone users access my app engine server by going though Facebook connect. The user is then free to make the API calls.
So how i checked the App3 Project at http://code.google.com/p/app3/, then didn't really have authentication in place.
Any suggestions/ideas?
I have a rough idea of how the flow works
Assumption: I have the datastore all set up with user data.
For normal PC users accessing my FB app:
--> authenticate in FB ->I save their userid + facebook_session_key in with gmemsess -> I use both data to authenticate with the user data in my datastore --> that user is now free to CRUD on my server.
For iphone users, it's the same flow. But with Facebook Connect.
the CRUD should look something like:
if the user wants to check his/her stats, the API call would be something like:
/rest/getstats
Is anyone actually doing something like that? I'd appreciate everyone's insights.
A simple, hassle free solution would be awesome!
Well, this might not be exactly what you've been looking for, but here's my try:
To do simple REST on app engine, you can try Jim Fulton's excellent library, bobo (here's a link to the REST section of the documentation). Bobo is a well-tested, simple package that contains only one fily, bobo.py, so it perfectly fits a minimalistic application's need. You can simply put it on top of webapp.
Note that the decorators shown in the documentation need to be converted to python2.5-style to work, so
#bobo.resource('/rest/getstats', 'GET')
def get_stats(self, request):
"Get user's stats"
would become
def get_stats(self, request):
"Get user's stats"
get_stats = bobo.resource('/rest/getstats', 'GET')(get_stats)
and such. This should be an easy approach to REST.
As for the authentication, you could pipe repoze.who into the WSGI pipeline. There are a some very simple repoze.who plugins for the facebook API out there in the wild (unfortunately none of them on pypi), I wrote a very simple one myself for a simple Facebook application a while ago. You can check it out here, along with a brief wiki and some dependency graphs that might help keep your app lightweight and memory-efficient. (Note on the dependency graphs there: some of the Zope libraries has been simplified since then; for Facebook authentication to work, you only need zope.interface.)
Maybe I didn't really give you anything specific (or useful), but these are just a few links you can take a look at, they might come in handy.