I have an ruby on rails application that uses devise and omniauth-twitter gem to handle user management and authenication. Users can only login through twitter. I already have the application authenticating, however I would like to allow users to write a tweet; and if they are not logged in, authenticate through twitter then have the tweet they wrote before the authentication post to twitter.
I was wondering what is the best way to go about doing that?
Can I capture a request if a user is not logged in, log them in, then preform the captured request?
Just not sure how to go about doing this.
Thanks.
Related
I have an app that uses ember simple-auth with torii and devise extensions.
My backend is on rails with devise to protect ressources. (BTW, I am a rails noob)
My goal is that I want users to be able to register/login with facebook, but I also need to authenticate requests made to my backend. (e.g. A user can only access his account info)
If I take each authenticators by itself, it works fine. For example, I can authenticate a user through facebook. And I can register and sign in on my rails server. However, I want the registration to happen through facebook( No forms to fill for the user)
The questions I have are:
- What information should I persist on my server so that I can identify a facebook authenticated user and authorize him to access ressources?
- Is there a more straight forward way to do it ?
- Does it even make sense to have 2 authentication processes ?
If you're using Facebook login the only data you need to persist is the App-scoped User ID (https://developers.facebook.com/docs/apps/upgrading#upgrading_v2_0_user_ids)
That's a unique ID generated for the user in your App. When the user logs into your App with Facebook you only have to get back this ID and then match it in your database.
I hope it helps.
I am trying to implement Omniauth and Devise with multiple providers in Rails 3.2 app.
One tricky scenario is: user signs in via LinkedIn for the first time. Since linkedin does not provide user email, I won't know which account I should link this linkedin credentials to. So I want to intercept the callback to prompt a popup window that allows user to enter his email or username, before passing the credentials together with email to controller.
How should I go about this?
I built authorization to Ruby on Rails application using omniauth and facebook. Unfortunately after logout from facebook, user is still logged in to Rails app.
How do I know that user was logged out from facebook?
I can't send authorization request every time when I need to trigger some action.
Is it possible that facebook will send some request after user is logged out?
Or maybe there is some cookie that I can read and I will know that user was logged out from facebook?
You can trigger a logout in Facebook from your application using the Javascript SDK. You can also use FB.getLoginStatus to detect whether the user is logged in to your application.
That being said, these have to be enabled through the Javascript SDK which is completely separate from the OAuth 2.0 API and the way that OmniAuth connects to Facebook.
I am using twitter #anywhere JS API in my application and don't know how to use their methods and properly execute them. At present, I am following this docs for the API.
I am working on a scenario where, I need to check from my app, if any twitter user is logged in on the same browser, get the current twitter user details and cross check with my app for the twitter user. If the user exists in my app, automatically login the user. (more importantly it should not ask the user to connect to the twitter app. Without asking the credentials I need to get the currentUser)
NOTE: Facebook already supports this type of method. We can get the facebook loggedin user session from getSession() method.
Is there anyone there to help me out on this one?
Suppose user can login using either Facebook Account or OpenId. If user uses Facebook, I would like to put a button like publish on my homepage, else I will not put anything on it. How do I tell which authentication method user is using in OmniAuth?
In your callback method, you can access the request.env["omniauth.auth"]["provider"] varaible to determine if he used Facebook vs. OpenID.