I am using devise as a way to use authentication for login and logout. However I am confused on how to post on a friends wall about my application.
1- If I use devise and Omniauth this allow me to either sign with devise, or with facebook. But once login, all devise omniauth won't be able to post to facebook correct?
2- My understanding of koala and facebook graph, is I must have the user credentials, therefore I must use omniauth? Which mean all user login in with devise, won't be able to post to facebook?
3- If I login using simple devise, is there a way for me to ask for credentials, which then i can use to then post to their friends wall.
Any tutorial, or guidance will be appreciated.
The only correct way to login into Facebook is to use OAuth, regardless of framework or implementation. You cannot post to a wall only using credentials, you must use an OAuth Flow as described in Facebook Login documentation.
https://developers.facebook.com/docs/facebook-login/
Related
I'm here to discover if what I want to do is possible or not. Can I connect to facebook using a rails method without passing through the facebook confirmation page?
I want to implement an app that should have a facebook acc/pass and I need to send a comment in a timeline, but I don't want to allow the facebook page. I want to do something automatic.
Thanks!
No, the facebook api in rails is built in a way that you can't directly login to your site using facebook. This is restricted for facebook authorization issues and it's terms and conditions.
If the user wants to allow access, he’ll have to log into his account (still on the facebook page) before being redirect back to your application. In the background Facebook will return an access token that your application will use to get access to the users data.
Check this for more details.
I have an existing rails app which uses 'devise' for authentication.
I would like user's to be able to link their twitter and facebook accounts to their account on my site, so that my application can post updates on their behalf.
Ideally:
When registering, you can choose to set up a standard account, or use twitter, Facebook, etc credentials.
If user chooses to use facebook credentials, I would still like them to be able to link their twitter account, so that my application can post to both at same time on their behalf.
A bonus would be allowing them to have identities which they could link twitter account A to one identity, then switch identities and use another twitter acccount.
My questions are:
if they use a standard account, and link facebook and twitter, are they going to be prompted to enter those credentials every time I post on their behalf? Or does omniauth give me an infinitely valid token?
I know devise can handle omniauth, but I can't seem to tell if it can handle what I am asking. It seems that it's omniauth support is more along the lines of just authenticating site users against twitter credentials not for linking multiples.
is there a rails gem that does this, and is well supported? I see socialite is no longer supported, but it seemed to be a one or the other type deal, not what I want anyway.
because I am already doing standard auth with devise, would it be simpler to just force users to create a standard account, and then use the twitter and facebook api's directly on top of that?
Looking for the best strategy here for doing what I want.
*note: If you think I can get 75% of what I want for 25% of the effort that all my goals would be, let me know. *
Thanks,
~S
I want my web application, which is built with Ruby on Rails, to communicate with the Facebook Social Graph API, but I am aware of that I need some kind of authorization to achieve that.
So, do I need to build OAuth authentication for my application to make use of auto-publishing messages on the user's Facebook wall?
If not, how could I integrate the social features into my web application?
The web application already has an existing user base; could I also allow my application to get Facebook access? If yes, how?
I would appreciate examples of sites who do this kind of integration really well, also with other services like Twitter, LinkedIn, etc..
All is explained on the facebook developers site:
http://developers.facebook.com/
This explains the auth you need to access graph
http://developers.facebook.com/docs/guides/web/#login
You can then combine graph info with your existing user database by saving their facebook ID number hence then you can pull up profile pics etc
Try using the following gems:
Devise: User authentication (If you already have the framework for user authentication, this will not be needed.
Omniauth: Facebook (or any other OAauth e.g. Twitter) authentication
Koala: Facebook open graph api
If you need only Facebook integration, Koala should be sufficient.
For making them work together check this:
Making OmniAuth, Devise and Koala work together
I'm currently using OAuth to authenticate people with their twitter (twitter gems) acount in my application. The problem is that for people who aren't connected or who have various accounts.
So that's my question, is that possible, to ask user their login/password to link their twitter account on my application ?
Thanks
It is no longer possible to connect to Twitter's API using Twitter credentials. Twitter's public stance on this is that you should -never- provide your Twitter credentials to anyone else, ever. This is part of their rationale for implementing OAuth.
Even if you had the user's Twitter password, you couldn't validate that it was actually their password, nor could you access their Twitter account with it through the Twitter API.
Your best bet would be to look into devise and omniauth. I've gotten it to work this way. Omniauth also allows to link to several accounts. Be it, Facebook, Twitter, etc.
I'm sure it's entirely possible to ask users for their Twitter login/password on your application. It's a very bad practice though, as OAuth avoids the need for client applications to ever touch a users credentials. I suggest setting up an authentication/authorization system that maintains a login/password and then allows connecting multiple OAuth accounts via an AuthenticationStrategy model or the like. Ryan Bates did a few Railscasts on the subject:
http://railscasts.com/episodes/235-omniauth-part-1
http://railscasts.com/episodes/236-omniauth-part-2
Is Devise a good option? Another extension? Roll my own as per OAuth in Rails - google, twitter, facebook, connect for login like stackoverflow login?
You can go with Devise in combination with Omniauth or use Omniauth on its own building your own authentication. You need to decide whether you want local+remote sign-up or remote sign-up only. I did both recently and wrote articles about it:
Devise + Omniauth: http://communityguides.heroku.com/articles/11
Omniauth, includes full code on Github: http://communityguides.heroku.com/articles/16
(Links updated 15.12.2012)
Edit: Regarding local sign-up - you might use myopenid as a replacement and send users over there if they do not have or do not want a Twitter/FB/Google account...
I highly recommend Devise (1.2 or newer) with OmniAuth. I have been successful in using that combination to enable single sign-on from a Rails application to GitHub, and it's fairly trivial to add support for additional providers.
https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview