Can an application check if anybody is logged into Facebook application in mobile ,if logged in get the user email Id from that and use it in their application?
To get a logged in users email address, you would have to authenticate with the API and the user would have to approve you using the Oauth workflow.
You can display a customized login / connect button using the Facebook API but if I recall correctly, that is an iframe that is embedded in your page, and you never see the email from that.
tldr; No. You need to authenticate using the Oauth workflow and have the user grant you permission.
First you have to authenticate user and then you can get logged in user profile information. For that you have to use Facebook API. Please check below link.
https://developers.facebook.com/docs/facebook-login/ios/v2.2
Related
I'm studying how to develop an iOS app and I need to figure out how should I structure it.
Architecture:
I've an external database, a REST api (as interface between the database and the app), and the iOS app.
The question:
I'd like users to authenticate by a simple form or by a Facebook login button but in each case a table 'user' in the database has to be filled with default fields like name, surname, email, profile picture, password(?).
For the standard authentication there are no problem, but for Facebook authentication I'm quite confused about theory:
Should I use access token? How?
When a user get authenticated with Facebook I haven't his password, so how can I get his informations from the database? In the standard way I would give to the database username and password and it would return for example the id field.
Sorry for my english.
You can use the access token of current logged in user
[FBSDKAccessToken currentAccessToken]
and send it to your REST api. From there you can retrieve every information you need and save it to your database (except user's password of course). If a user sign in for first time in your app insert a new user in your database and save user's Facebook User ID.
The whole idea of using authenticate and authorization is not to have access to user's password of another app, but the user authorize (confirm) your app to have access in his/her account with specific permissions.
Here is a step-by-step answer of what you need:
Design for Facebook authentication in an iOS app that also accesses a secured web service
You need to save the currentAccessToken that the login request returns to you.
Then, using Facebook's Graph API, the userID that was returned in the login request, and the user access token, you can request a user object, which has the email address, assuming you added the email permission in the login request.
Also use the Graphi API to retrieve the user's photo using the userID that was returned in the login request:
50x50 pixels
<img src="//graph.facebook.com/{{fid}}/picture">
200 pixels width
<img src="//graph.facebook.com/{{fid}}/picture?type=large">
I am using the Facebook iOS SDK to allow quick sign-up of users in my app. Here is the flow:
User taps "Login with Facebook" button
Taken to Facebook app or Safari for login
Redirected back to my app
Show Sign-up for with pre-filled fields from FBGraphUser object
User creates account using data from Facebook
After they created an account, is it possible to authenticate with Facebook, and let them login to my app without having to enter the username and password they just created? How would the flow of that work?
Seems like I should be able to do the following:
User taps on "Login with Facebook" button
Authenticate with Facebook SDK
Return to app, and make a call to server, checking to see if there is a username matching the Facebook email
Allow the user into the app with no password, since they have authenticated with Facebook and have an account in our system.
Is this the correct way to do it?
That is very close. However, it is not enough to just check that the email/username is valid. It is strongly recommended to validate the token directly with Facebook as well.
See Use Facebook authentication token in API for a very similar concept and the Facebook docs about verifying token: https://developers.facebook.com/docs/graph-api/securing-requests.
I am using twitter #anywhere JS API in my application and don't know how to use their methods and properly execute them. At present, I am following this docs for the API.
I am working on a scenario where, I need to check from my app, if any twitter user is logged in on the same browser, get the current twitter user details and cross check with my app for the twitter user. If the user exists in my app, automatically login the user. (more importantly it should not ask the user to connect to the twitter app. Without asking the credentials I need to get the currentUser)
NOTE: Facebook already supports this type of method. We can get the facebook loggedin user session from getSession() method.
Is there anyone there to help me out on this one?
I have successfully let users to connect to my web application with twitter oauth. And I can insert user information after they logged in.
My problem with is that existing users are always redirected to the Allow/Deny application screen on twitter each time they click on sign in with twitter.
How can I skip this step for my existing users so they don't have to click on allow every time they sign in?
I am using this library: http://www.haughin.com/code/twitter/
thanks.
This is done with the Sign in with Twitter flow. Instead of sending users to https://api.twitter.com/oauth/authorize?oauth_token=xyz send them to https://api.twitter.com/oauth/authenticate?oauth_token=xyz. In this case if the user has previously authorized your app and are already authenticated with twitter.com they will automatically be redirected back to your app without being prompted to allow/deny access.
When a user authorizes your application to use their Twitter account, Twitter gives you two tokens: OAuthToken and OAuthTokenSecret.
Stores these tokens in a cookie, or a settings file, or whatever.
Then, the next time you need to make a request to Twitter on behalf of this user, you use those tokens.
User login my application with oauth, after logout my application but twitter can't do, problem is user twitter account is active.
when that logout my application at the same time logout twitter
twitter api not support this action?
No, the twitter API will not log your users out of twitter.
account/end_session only ends the current API Session. I'm working on an site that requires users to be able to log out and then log back in again with another twitter account. To do that, you have to store multiple access tokens per user and establish one as the current access token. More info in the link below.
http://groups.google.com/group/twitter-development-talk/browse_thread/thread/02e44b27d7ba3661?pli=1
As far as signing out of twitter, it's up to the user to sign into twitter and sign out themselves, which is not ideal if working on a shared computer.
Twitter just closing the session at api ,not close the session on Twitter :)
You'll have to call account/end_session to end the session of the authenticated user on twitter.
Old thread agreed, I just integrated Twitter login in my android app using Fabric. I found the following method
com.twitter.sdk.android.Twitter.logOut
I guess they have implemented it now! I couldn't find any documentation, honestly I've not put too much time into it. But I think logout means what I think it means :)
Twitter does not have api for logout. You can use the session closing api to end the user session.
You can use oauth/authenticate or oauth/authorize and add "force_login=true" parameter. This will prompt the user with a login form.
view this thread