I want to add "Login with Email" functionality in ios app.
I searched about this, but i found that we can not get default email account of iPhone.
Can anybody suggest me how should i proceed for this issue. Thanx in advance.
use this link for your login with gmail http://technogerms.com/login-with-google-using-oauth-2-0-for-ios-xcode-objective-c/
will u need just like this , here i used
Login with FB
Login with Twitter
Login with manually
-- here i used server and Sqlite for save the user information
-- email, name, p/wd, phone number, etc.
-- this login accessing with our own db or server
Of all the apps that ask for email and password, none get it directly from the iPhone settings, which makes me believe that there must be some sort of restriction for gathering that information.
So, then the procedure is ask for email and password from the user directly, fire a url to validate and check for the user with those credentials and either login or ask him/her to sign up
Related
I'm developing an iOS app with a server-side component. Users can create and login to accounts with an email/password combination. I'm also building in an option to alternatively login via Facebook. If the user logs in via Facebook I will need to create an account for them using the email we get from Facebook - but what do I do about the password? The server obviously requires a password to create an account. Should I use something like their Facebook user ID as a password (doesn't seem secure), do I force them to create a password? What's the standard practice here?
You can set a button text or alert saying "Use Facebook data for Registration".
After clicking on the button, you can redirect the user to the registration screen.
Fill up all the data with his facebook data then leave the password and confirm passwords blank to let him choose his password.
Trying to use his personal Facebook data as password may be the cause for rejection of your app on Appstore.
This is a very high level architectural question.
I want to use "Sign Up with Facebook" and "Log in with Facebook" in my iOS app.
Questions:
I find many tutorials for logging in with Facebook but I am not getting anything for Sign Up with Facebook, like a tutorial for "SignUp with Facebook".
How can I use Sign Up with Facebook in my app? As in, what will be the architecture? What do I need to send to my server? What I need to store about the user in my server's DB?
After checking Spotify's "SignUp with Facebook" my understanding is, when the user clicks on Sign up with Facebbok, he is still asked with Facebook login but the SignUp screen will get pre-filled with some basic information like phone, email, first and last name etc, which I can use on my app to sign up the user.
Next time when the user logs in using facebook I just validate if he has already signup or not
Am I thinking right? any corrections? feedback?
If you're using Facebook login for the sole purpose of it being an easy way to get your users to sign up/log in to your app, then your app will be rejected by Apple. You need to be using Facebook application features that go beyond just basic profile information and sharing.
I just went through this during the Apple App Store review process and think it's worth noting here. A little warning to those who think they will save time.
You will get the user's profile and info, plus a userId i think.
Then you can add the user's Facebook id as userID, Facebook email as username, and a very long pre-defined string as it's password.
This is totally secure as long as the very long pre-defined password is not public. Only your server (or your app) will have that and will put that as password when you log in.
The username will be the Facebook email, which is straight forward. And the userId in your database will be the Facebook id that you get from your login session.
All the data can be read from the FBSDKProfile, when login is successful.
Hope it helps :)
p.s. you can also use Digits by Twitter, it is an awesome SDK for signing in with phone verification.
I want to give the opportunity for a user of an app to register/login with Facebook or by creating an account. I know that I can get the user's Facebook account email address, and their first and last names. That's basically the only information for creating a 'local' app account, apart from a password. How can I make sure that if that person logs in to Facebook on another device, that their two devices are linked to the same 'local' account? (i.e if they choose to sign in with Facebook with 2 devices, I only want one local account to be created on my server for that user).
Ideally, I want the login schemes for both to be identical. So if that user logs in with Facebook, I can check (securely) that the FB account is linked to a 'local' account, and automatically log that device in without making the user type in a password. Is this possible?
Edit: The 'local' users will be stored in a database on my server, and the front end will be done in Python running alongside the API for the app. Note that 'local' is just referring to the fact that it uses my app web service rather than an external social network.
You can do that within your users database as per below:
assuming you store the user data in a table named userinfo, this table should contain user e-mail, first name, etc..
Add another column in this table named fbemail.
If users signs in using web service, his email will be saved in the email field & the fbemail should be null, if signs in using FB, then both email & fbemail should be the extracted email.
when the user uses FB login, check the fbemail field, if not found, then this is a new user, add his data, if not, then this is a returning user, no need to add his data.
Option 1.
You can identify your Facebook user by his Facebook User ID. If he logs in using Facebook on other device you know it cause he sends you his Facebook User ID in the authentication process. He also sends you Facebook access token which you validate contacting Facebook to see if it is correct. Using this approach you have to have a different authentication scheme for Facebook user and "normal", email user.
Option 2.
To have the same login scheme you can use Facebook to get user email and prepend it in the email text field in your registration screen. The user would need to additionally provide a password. This means that you are not really doing a Login with Facebook, but use Facebook to obtain an email (and any additional information) so the user does not have to type it.
This is an old post but still very valid. You are correct, anybody who has your FB email could potentially access your server rest-api and log into it. To access a backend service you will need to use as password the FB access token generated during the FB log-in. This is stored in the device keychain and can be retrieved as:
NSString *accessToken = [[FBSDKAccessToken currentAccessToken] tokenString];
NSString *userID = [[FBSDKAccessToken currentAccessToken] userID];
The topic of using a FB authentication system in parallel to a custom login/registration system is covered in this FB guide: Using Facebook Login with Existing Login Systems.
In sum, different scenarios need to be addressed:
A person signs up for your app using their email and password, but later they want to use Facebook Login to obtain data from their Facebook account, to post to their timeline, or just to use to log in with in future.
A person signs up for the app using their email and password, but later chooses to log in with Facebook separately. This guide assumes that the email supplied first and the primary email associated with their Facebook account are the same.
A person signs up for the app using Facebook Login and later wants to log in to this account using an email address and password.
The guide recommends using two different tables for the FB log-in and the custom login.
I'm using authlogic_facebook_connect plugin on my RoR app. Looking to get extended permission from the user to acquire their facebook email address so that I can use this email to store in the database as their "myapp.com" registration email. This way a user can come to the site and click on the facebook connect button and be automatically signed up with my site as well. I know that I need to ask the user for their permission before I can get their facebook email, but I can't find anything around on how to do that..
(fyi I've tried simply getting email from facebook_session.user.email, but of course it's nil due to the permission restrictions)
I have recently implemented login to my via facebook connect. So now users have 2 ways of logging in to the site. The old way of registering an account and the new way (facebook connect).
One thing I would like to do is link a new facebook connect user account to existing accounts if they logged in the old way.
Has anyone had any success doing this?
Very good question I think and lots of people will benefit from an answer.
What you need to remember is that accounts are only linked so long as they are authorised to be linked through Facebook. What you should do is maintain a second table of linked accounts in your database so that you know who is who and if they are linked with Facebook.
You should read this integration comment, it provides a lot of useful information.
http://crazyviraj.blogspot.com/2010/01/test-cases-for-basic-facebook-connect.html
It doesn't really say how to do things, but it makes sure you tick all the boxes of what you should be doing.
ie:
Sign Up should fail if the user denies
permission to the app (category: sign
up)
Since we need access to an email
address, Sign Up should fail if the
user provides publish permission but
denies email permission (category:
sign up)
If the user provides an email address
that already exists in your system,
fail Sign Up. Make sure no YouFace
backend tables are modified (category:
sign up, 1:1 mapping) PS - when this
happens, I didn't find a way for you
to de-authorize YouFace on the
Facebook user's behalf. The user must
manually do this if they wish you use
the same account but provide a
different email address.
Accounts created using Facebook
Connect should not be able to login
using YouFace's default email/password
login system (category: sign in,
account security). PS: Since YouFace
accounts require a password and those
created using Facebook Connect don't,
make sure to insert a random password
hash into your table to avoid silly
errors
Accounts created using YouFace should
be able to sign in without requiring
to be signed into Facebook, even if
when a link to a Facebook accounts
exists (category: sign in)
Any many more
You should be asking for permanent access through fb connect authentication. Once you've done that, you'll get a token which gives your permission to access someone's Facebook information, and that token will not expire unless the user explicitly removes you from the permission list or changes his/her password.
Once you have the token, associate that token with the user / create a new field in your user table to store it.
To associate the user with a Facebook account without the user logging in, you can try to match by email. It's not 100% accurate but it's pretty good. Facebook doesn't give you email addresses in text form but you can get email hashes from FQL. Since you already know user email addresses, you can calculate the hash for all of your user emails and search through your user base for matches every time a new Facebook Connect user signs up.