I am new to Facebook development.
Is it possible to have a website login with Facebook + a non-FB database?
Specifically I would like my users to access Facebook information similar to Sociogram (http://coenraets.org/blog/2013/02/sociogram-a-sample-application-exploring-the-facebook-sdk-and-the-graph-api/) which I have gotten working with my own website app, but also tie in additional user information that Facebook does not keep - so that my users only have to have one login.
Any info on where to start researching would be helpful.
As you are talking about having your own database, i can guide you like this.
Use facebook javascript login to get premissions from user and save them to your database in which you may have other details to be added later for your website purpose
When you save details once from first login, you dont need to save them on next login. So Write code so that on first login check your database for user existance and if not then add him to database.
And in that database you can add extra field that facebook wont save like his height for example.
For this to happen you must have server side scripting knowledge to store the details to database. If you need further more details, i am here to answer.
Related
I have a little bit of problem with the authentication on Sitecore website. Basically there is a button on the navbar, and when user clicks on the button, it redirects the same user to Salesforce to log in (Implementation of SSO). Basically I am using Salesforce as a identity provider and Sitecore Website as a service provider. Now I have a question? When user is logged, how can I get the ID of that user.
Do users in Sitecore User Manager have the same ID as the users in Salesforce, or I can just get a email to identify the user?
P.S: Sorry if this is a really stupid question, but I am a begineer when it comes to making Sitecore websites and the SAML SSO. Thank you in advance
Stop with the Sitecore and Salesforce for a second, you'll need to cover some basics and click through the login process manually before you automate it.
You probably are using a "connected app" in Salesforce that includes OAuth2 config (consumer key also known as client id; a secret; a list of scopes telling what this app is allowed to do on behalf of this SF user; a list of allowed urls that can login using this consumer key and secret. Etc.) It might even have something about Canvas Apps at bottom of the page.
Next would be - who's logging in. A core Salesforce user or do you have Partner Community, Customer Community (recently rebranded to "Digital Experiences").
Open incognito window and go to https://openidconnect.herokuapp.com/
For login host leave as is if you have production user or test.salesforce.com if you go from sandbox (you can also use branded urls, mycompany--dev.my.salesforce.com etc). If you have a community user you'll have to change the url to whatever is the community base url, like https://dev-mycompany.cs123.force.com/mycommunity
Don't change anything else, click next, next, next. This will take you through OAuth2 "web server flow" (one of many ways to log in). You type the username/password to SF screen and go back to that herokuapp with "authorisation code". The app has few minutes to swap that code for actual final "access token" and couple other pieces of info. Final step in this wizard calls OpenId "userinfo" - returning some info about the user that logged in. That's where you could pull the email if needed (and if there are extra fields you'd like SF to return in this process that's configurable too)
Close that browser window. Check the "connected app" in SF. Open new incognito window, do same thing but this time put your url, consumer key and secret (you might have to edit the app in SF first to allow callbacks to https://openidconnect.herokuapp.com/callback).
So now you should have rough idea about whole login process. Your sitecore app probably does same thing, receives authorisation code and exchanges it for final token. At that point you have valid SF session ID you could use to call that "userinfo", run queries (if the app allowes API access, check the "scopes") etc.
I doubt the Sitecore developer created it all by hand, you probably have some Spring stuff like spring.security.oauth2.client... My Java days are long gone but if you get better at manual click-click-click through the flow you should be able to follow existing code?
It's a big topic and there are other ways to do it (other OAuth flows, sending info about the current user when you have external page embedded in SF as iframe, you'd need to read about "canvas apps")... but that's best guess based on info you provided. You might want to check some trailhead courses too like https://trailhead.salesforce.com/content/learn/projects/build-a-connected-app-for-api-integration/implement-the-oauth-20-web-server-authentication-flow
https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_oauth_and_connected_apps.htm
https://developer.salesforce.com/docs/atlas.en-us.api_streaming.meta/api_streaming/code_sample_auth_oauth.htm (Java but very hand-crafted raw HTTP, probably that Spring security is better)
My scenario:
I have an application within which users keep their own journals. For some of the journal records, i want to enable them to post to their facebook timeline.
It was rather straightforward with an old api (obtaining token and posting) but with a new Sharing Product, it seems impossible because its intended to use ograph data and backlink from facebook post to the page within the app but since the journal post itself is for logged user only, i don't see a way how could it work.
So, the question is:
How to enable users to share (actually, "replicate" is more accurate word) content from their authorization protected area within my application to their facebook timeline?
PS.
I am aware of solutions like: Auto post (user behalf) on facebook but that's an old api.
You can not create new content like this any more in any automated way, you can only let your users share links.
But you can point the Share button to any URL you like (parameter href), it does not have to be that of the current page.
Facebook will follow whatever you have set as og:url or canonical, so that would have to be the version without authorization then.
That would also be the URL that users clicking on the link in that post would be redirected to.
I was wondering if this is possible using Firebase and React.
I want to create a admin panel where the admins can add new user and assign roles. The moderators should also be able to login and make a new post (the new post part i have figured out).
However i dont want any users to be able to register on their own, just the admin to add them to the site.
Is this possible and in that case, how? Grateful for input and thoughts
Yes its possible, just create and Interface which is able to send data to firebase.
Here you have a little example.
I've just create and APP which connects to firebase. Firebase saves a lot of time becase you dont have to control the Auth and the Users SingUp, it has functions to do it.
I will sugest you to use it with ReactForm (to send the data) abd the ReactRedux to control states and the LogIn, LogOut and SignUp.
https://medium.com/firebase-developers/how-to-setup-firebase-authentication-with-react-in-5-minutes-maybe-10-bb8bb53e8834
Fore more info check Google Documentation.
https://firebase.google.com/docs/auth
I have my own login form for my website. In addition I have also added google and facebook login.
My question is should I add those user data that's login from (fb or google) into my own userdata table or create a different one each for google and facebook.
1) If I add to my existing one, the password column would be left blank(as fb do not provide one) and anyone who knows the email will be able to access it easily.
2) And if I make different table then I think it will become little complicated or slower when trying to access a user data from across the different table.
What's the best choice of doing it or any other method that's better than this?
Make sure users have to enter a password when they login with Facebook/Google, or make sure regular users do not use a blank password - users without a password can only login with the Facebook/Google API.
DonĀ“t create a separate table, it will only get more complicated. Extend the existing one with IDs (from Facebook and Google).
I am working on a website, I have one problem ..
I have facebook users id in my database, now I want to get their names using their ids but without using graph api..
Is there any way to do so..
I assume you want to do this programaticaly... Short answer is - you can't.
If you want to do it manually you can simply navigate to this url: https://facebook.com/profile.php?id={USERS_ID}It will give you the users profile page where you can see their name IF their profile is publicly available.
Essentially you should request the users names and store them in your database when the users authenticate your application.