I am very new to Rails and before I get deep into the building process, would like to know if anyone knows of a way (or any articles--I've been searching and can't find exactly what I'm looking for) to do the following:
1) have a user login using omniauth
2) after logging in directing the user to set an anonymous username that will what shows for this user throughout the activity in the application (all omniauth use info remains private)
Is there a way to do this? I found this question login using facebook or create an account but I'm essentially having them login using facebook AND set an account of a sorts.
If anyone has any resources that could point me in the right direction, I'd appreciate it!
Related
I am in the process of adding social media oauth login and registration to an existing site. I've followed the overall process described here:
https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
Currently, if a user wishes to change their account profile (including email address, password, etc.) then they need to supply their existing password. This is to prevent cookie stealing style attacks, or damage caused by people leaving accounts logged in on public machines.
However, if a user has registered using Facebook then a randomised password is set behind the scenes and the user is not aware that a password exists in our system.
This could make the simple process of updating the user profile a confusing and off-putting task. How do we present the password to the user, and how do we explain that it's different to the Facebook password?
I would like to present a Facebook pop-up or interstitial to the user before they change their account details, to force them to re-authenticate using their Facebook password, but I can't immediately see a way of supplying multiple callback URLs, or passing form data.
Is there a feature or workaround that would let me achieve this?
Please let me know if including any code would help, but you can assume that I'm using a standard Rails app running Devise and the Facebook oauth strategy, with code snippets described in the link above.
I'm using Devise with my Rails app and I'm looking at using the Omniauth-Facbook gem. My app has views that show the users's by user name. What I haven't been able to figure out is how I can prompt a user for a user name when doing this.
I know that I can request this from Facebook, if the user has created a FB user name. Many people have not specified a user name for their FB account, so this does not seem like the best approach. I've read other answers which indicate that perhaps the email should be used instead, which works if the user name is solely for logging on, but this is obviously not a good idea if the user name is going to be shown on user views.
If anyone could provide guidance on how to best prompt or get a user name while registering someone through Omniauth-Facebook, that would be very appreciated. Thank you!
when you sign up for facebook, then check whether they have username in the facebook, if no,then just redirect to your path to update the username?
I'm currently working on a RoR app that is only going to be used inside the Facebook Canvas. To model the users I use Devise. Now, I'm aiming at making the signup & login process easy as pie. If my prospective users open the app, he/she should be prompted to authorize the app to access name and email. If this happens a user should be created with the name, fb_uid and email. Every time this user now comes back to the canvas app he should be signed in.
How do I accomlish this?
Please help - looked at koala, omniauth, the javascript and php sdks -> my brain just feels fried...
This railscasts episode shows you how to easily put together the authentication system using omniauth-facebook. I actually just used it today as well. Let me know if you have any more specific questions.
http://railscasts.com/episodes/360-facebook-authentication
Suppose user can login using either Facebook Account or OpenId. If user uses Facebook, I would like to put a button like publish on my homepage, else I will not put anything on it. How do I tell which authentication method user is using in OmniAuth?
In your callback method, you can access the request.env["omniauth.auth"]["provider"] varaible to determine if he used Facebook vs. OpenID.
I would like to know the best way of implementing automatic login to my web site. What I mean by automatic is this:
I've already signed into Google. I now go to my web site and its login page. Instead of clicking on the link to login with Google I would like the web app to detect that I'm already logged into Google and bypass the whole login page.
1) Would I use the DotNetOpenAuth.OpenId.RelyingParty.OpenIdAjaxRelyingParty.HttpApplicationStore to get associations?
2) Or do I need to look at cookies.
To your "1) Associations" guess, no. Associations that the RP may already have with Google are irrelevant to who the user is at the browser or whether they're logged into Google. Your "2) cookies" won't work either because browser isolate Google's cookies from those of your RP so you have no insight into that.
Hbas was right. I think Auto Login user to website when user is logged in to FB or google - DotNetOpenAuth has the answer to your question.
Distant memory suggests that Google had a way to disclosing to an RP that the user was logged into a Google account (with no way to identify which user or auto-login that user) with the idea being that the RP could then promote the "login with Google" button since you know the user has a Google account. However that wasn't well advertised (privacy concerns probably) and I can't find any info on it at the moment.