I have an application running Rails 4, Devise and Omniauth (Facebook). Everything works fine.
Now I want to create an IOS app to access this database. I planned to do this using JSON requests to fetch and post data to Rails RESTfull resources that I have.
Before I start writing the IOS app, I tried to test retrieving data from the web app, using cURL on command line (JSON requests), but Devise always reject me saying that I have to authenticate first.
How should I do this? How to authenticate, using JSON requests, using Facebook username/password and access the data from the Rails app?
Or am I thinking all wrong and I should do this in a different way?
You must create Facebook APP
You have to use Facebook SDK for login in Facebook
In the app using SDK you have to make login in the facebook
After a successful login facebook return "access token" for api requests.
"access token" you must send on the server with ruby on rails.
You have to use gem "koala" or other for access to facebook api using this "access token".'
6.1 As first step you must get user information from facebook. (you will have facebook UID, and may be email.)
6.2 Then you must find current user in your DB and login using Devise method sign_in
Also you have to seen this gem
https://github.com/lynndylanhurley/devise_token_auth
Related
I have an app that uses ember simple-auth with torii and devise extensions.
My backend is on rails with devise to protect ressources. (BTW, I am a rails noob)
My goal is that I want users to be able to register/login with facebook, but I also need to authenticate requests made to my backend. (e.g. A user can only access his account info)
If I take each authenticators by itself, it works fine. For example, I can authenticate a user through facebook. And I can register and sign in on my rails server. However, I want the registration to happen through facebook( No forms to fill for the user)
The questions I have are:
- What information should I persist on my server so that I can identify a facebook authenticated user and authorize him to access ressources?
- Is there a more straight forward way to do it ?
- Does it even make sense to have 2 authentication processes ?
If you're using Facebook login the only data you need to persist is the App-scoped User ID (https://developers.facebook.com/docs/apps/upgrading#upgrading_v2_0_user_ids)
That's a unique ID generated for the user in your App. When the user logs into your App with Facebook you only have to get back this ID and then match it in your database.
I hope it helps.
Currently my iOS app facebook atuhtentication does not work for users that have two iOS devices.
It works only when the user has one iOS device. The app uses the iOS SDK. (Not the Facebook SDK)
On the server side I use a rails app. The rails app receives a facebook token from the iOS app, and it uses the token to fetch the user email and profile picture.
#graph = Koala::Facebook::API.new(facebook_token)
profile = #graph.get_object("me")
profile_picture = #graph.get_picture("me")
Koala responds with the following error:
"Koala::Facebook::AuthenticationError: type: OAuthException, code: 190, error_subcode: 460,
message: Error validating access token: Session does not match current stored session. This
may be because the user changed the password since the time the session was created or
Facebook has changed the session for security reasons. [HTTP 400]"
I would like to know how to solve this issue and allow facebook authentication for users with more than one iOS device?
Thanks in advance.
SOLUTION
For this case the solution consited in handling the authenticaiton via the facebook device, instead of via the rails app.
Also it is useful to have a server based facebook authentication cache. Per Facebook documentation recommendation:
https://developers.facebook.com/docs/ios/login-tutorial/#tokencache
SOLUTION
For this case the solution consited in handling the authenticaiton via the facebook device, instead of via the rails app.
Also it is useful to have a server based facebook authentication cache. Per Facebook documentation recommendation:
https://developers.facebook.com/docs/ios/login-tutorial/#tokencache
I am developing an web app that will be used by iphone app. I use devise as authentication and i can create a new user, login as the user and when login is done it gives out
{"user":{"authentication_token":"xxxxxxxxxxxxxxxxxx","email":"sample#example.com"}}
but how can i change the password using json.
Most likely you will need to build an API for this, utilizing Devises JSON (Warden) to respond to JSON etc
reference to help point you in the right direction creating sessions with devise
Searching SO also yields
Ajax login with devise
I built authorization to Ruby on Rails application using omniauth and facebook. Unfortunately after logout from facebook, user is still logged in to Rails app.
How do I know that user was logged out from facebook?
I can't send authorization request every time when I need to trigger some action.
Is it possible that facebook will send some request after user is logged out?
Or maybe there is some cookie that I can read and I will know that user was logged out from facebook?
You can trigger a logout in Facebook from your application using the Javascript SDK. You can also use FB.getLoginStatus to detect whether the user is logged in to your application.
That being said, these have to be enabled through the Javascript SDK which is completely separate from the OAuth 2.0 API and the way that OmniAuth connects to Facebook.
I am currently using Devise+Omniauth on my Rails 3 app to authenticate users. My client saw this and doesn't like how omniauth redirects you away from the site. He wants something like on digg.com, which I believe uses facebook connect to authenticate (and opens in a popup instead of redirecting).
What are some arguements for my client to keep him using the Omniauth method? Why is it better than Facebook connect.
And failing that, are there any good resources for logging users in with a facebook connect popup window? Or really anything involving facebook and a popup.
Thanks!
OmniAuth supports login via the Facebook Javascript SDK, which works through a popup. You just need to include the right files. I don't remember all the details, but this should help:
https://github.com/intridea/omniauth/issues/120