I'm developing a personal project in which many users join a certain project and are able to view the information on it. Besides that, I'd like to be able that a user could tweet to the other users, warning he is online.
E.g.: user1, user2 and user3 share a project. If user1 is online, but user2 and user3 aren't, user1 would then click a button that would send a tweet (e.g., "#user2twitteraccount User1 is online!") to user2 and user3. The tweet sender would be an account of the website, not user1's Twitter account.
Is that possible to be done? 'Cause, from what I've seen so far, there are two options that are mainly used:
1) The "share button" option (Requires authentication): there is a share button, which sends a tweet on the user's timeline. It prompts a screen so the user can write whatever he want to tweet.
2) The "authorization-required" option (Requires authentication and application authorization): an application tweets on behalf of the user on his timeline.
Besides the things that I have stated, the main thing that bothers me about these options is that they tweet on behalf of the user on his account. As I am looking for a solution on which, instead of using the user's Twitter, the user would tweet throughout my site's Twitter, they doesn't work for me.
Am I missing to see something quite obvious in here, or what I want to achieve isn't quite usual? Do you know any ways that I could achieve this solution? Thanks.
I believe your best bet would be to use the Twitter web intents
You could then tweet to #user2 and #user3 from the account of #user1 adding a via #appname to the tweet text.
NOTE: #appname should be the twitter account of your app.
If this is unsatisfactory, then you should do what sarnold says as that would be the best option
(Only suggested the intents thing because you want to avoid requesting authorization)
You'll want to use the REST API.
Register your application and then POST tweets as you want to send new messages.
Related
At our company, we are working with several aliases. The current situation is that one team of 10 has two aliases. In SalesForce, they would like to put the link to specific emails so that anybody out of the team can open an e-mail related to a claim for instance.
In the e-mail's link, there's the "/u/0" part that identifies the mail gmail account (firstname.lastname#...), but it seems that the aliases have a different number for everybody.
So to be clear when they open the same mail in the shared alias, the e-mail ID stays the same in the URL (logic) but the digit after the "/u/" changes for everybody.
Is there a way to generate a URL that will open the e-mail independently of the person that clicks on the URL ?
Edit:
I'll try to be clearer. Our Customer Service Center employees all have two e-mail adresses: an individual one, and a delegated one. Customers will send e-mails to the delegated one (accessible by all employees). So what we would like to do is copy the link of the e-mail into SalesForce so that any employee (who has access to the delegated gmail) can check the e-mail. But, as explained above, as the individual gmail adress is always identified by a "0" after the "/u/" chain in the URL:
https://mail.google.com/mail/u/0/#inbox/156b821f776b6d4a
the delegated gmail adress is identified by a number that differs depending on the person. So employee A will have "/u/144/" as link to the delegated gmail, another employee will have "u/345/ as link to the delegated gmail. This makes it impossible to access the e-mail by clicking the link...
Hope this little case-study makes the issue clearer.
Thanks in advance
Julien
I'm trying to do this too.
I think the only way (outside of paying for the Google business email system) is to have a database of user IDs that link to each user's gmail delegate URL.
I have a system that allows about 6 or 7 users to login, however they all share the login details (it's a small website, with no important information stored). I will have to force them all to have separate login details, and then have a lookup for their gmail delegate URL.
If you have a lot of staff, then you'd have to get their buy-in. Maybe send a global email around that links to a simple web form, that takes them through how to enter their delegate URL. Then store this in a database, with their own personal email (the other gmail account). You should make the form validation strict, so no garbage gets entered. For users who get stuck (fail validation for entering a valid gmail delegate URL), ask them to email support. 95% of staff should be able to handle this. The other 5% would just be an exercise in patience, in getting the rest of the data.
I have created a public facing website which allows you to login using a username/password, or with Twitter, or with Facebook.
When logging in with Twitter for the first time (for example), a user is created in my database with a nickname matching the Twitter screen name. I want this nickname to always be unique.
The problem is that in some cases a user with that nickname already exists, so the user can't be added. I am unsure as to the accepted approach for this problem, the only solution I can see so far is to ask the user to override their nickname, but this doesn't seem too elegant.
The reason the nickname needs to be unique is not a code issue, but an interface issue, for example there are forums and I want each user to be uniquely identified by their nickname.
Are there any other methods anyone can suggest for dealing with this problem?
Edit: At the request of some of the replies I will clarify an example:
Lets say I have a user named Joe Bloggs who is a member on my website. He is not a member of Twitter or Facebook. His nickname on my site is JoeBloggs.
Then, another Joe Bloggs comes along, and wants to sign in with his Twitter account. His Twitter name is JoeBloggs, so when he signs in with Twitter, my system attempts to automatically set his nickname to JoeBloggs. However, this nickname already exists. What is the normal or best practice in the cases where nicknames like this overlap? The only thing I can think of is to prompt the user to specify a different and unique nickname (just for display on my site).
The reason I ask is that this must be a common issue for sites which let you login via Facebook, Twitter, Yahoo - there must be an overlap in the names which are returned from said websites, so I wondered what the normal process is.
Could you use the Twitter API to confirm they really are the Twitter ID they say they are, and if no Twitter account, allow them other means to authenticate (Google+, Facebook, LinkedIn, old school username and password)? Allowing users to login with a Twitter ID that they don't own seems like asking for a world of hurt.
Maybe you could try and change the database itself - get a field like 'nickOrigin', allow there values like '[yourSite]', 'twitter', etc., and only allow new entries if no entry with the same nick AND nickOrigin exists. Execute a query to modify existing users to have a nickOrigin of [yourSite], and things should be backwards compatable, or at least I imagine them that way :)
I'm doing a little experimentation. The end goal is to open Twitter in a new tab for a user that is already logged in.
I have gone down the oAuth route and I can post to twitter, retrieve tweets etc. but when I visit Twitter.com I still get the login page. I have a couple of questions
A) Is it possible to automaticaslly log a user in like this (I can see why it can't be but need to make sure)
B) Does anyone know of another way to acheive it?
When you redirect the user to twitter to authorize, send them to oauth/authenticate, instead.
This flow is called Sign in with Twitter.
I have a website with it's own login/registration mechanism (PHP, session, user and user_profile DB tables with username and password, etc). Let's call this the ABC account.
I just finished integrating Twitter's sign-on using Oauth, available as a "sign-on using twitter" button above my normal login form.
So now I have this scenario:
A user logs on via Twitter. Because Twitter, unlike Facebook, does not proivde access to a user's email address, I don't know if this person who logged in via Twitter is an existing user (in my user table) or not. So I create a new account for them (let's call this the "Twitter" account) and prompt them to merge with an existing "ABC" account by entering their "ABC" credentials. If they do so and everything matches, I store their twitter username, id and token in the DB record for their ABC account. Next time they login via Twitter I know who they are in terms of the ABC account (ie, the accounts are "merged") and all is good!
Except, I'd like to have the ability to have my site send tweets on their behalf, which basically means I need an authorized Twitter connection, which I only have if they logon via the Twitter button, not through the ABC account. The reason is with the latter I have their token_secret, received from the Twitter API callback after signing, but with the former I don't. My first thought of course was to save the token_secret in my DB (with the ABC account record) to remove this restriction, however it seems like this is the equivalent of a password and storing it could be secruity hole?
To boil this down to a question: is it "standard" practice to store the oauth token secret in the DB to achieve what I'm trying to do (which itself seems like a pretty standard function for a modern site)? . If not, what's an alternative implementation?
Update: looking at: Best practices - store Twitter credentials or not? it seems this is definitely not a 'best practice'. But it seems like what I'm trying to accomplish is...not sure how to implement? Maybe some kind of cookie-based solution??
Peter
ps -- BTW, if anyone has a better way to do the account "merge" I described I'd be open hearing about that as well. I did some google searching but really couldn't find anything too useful, although this problem must have been solved many times I imagine??? My understanding is that in the Facebook case the email can be used to "uniqely" identify a user (ie, match them to an ABC account), and do the merge without prompting (although I'm not even sure this is totally secure?).
Storing the tokens that Twitter gives you during the OAuth process is -exactly- how you should be doing it. Shove them in the DB.
I have a signup form, and I wanted to make it so that they have the option of recommending this signup to all their friends in facebook.
Is there a rails API/gem for doing this?
Is there an appropriate name for this?
Thanks!
Looking at the Extended permissions documentation, you don't get access to the email addresses of a Facebook user's friends (search for email and note the second column reads not available). If that's what you're trying to achieve, it's almost certainly not possible, without the user contacting each friend and asking them to visit your app (which I would imagine would have quite a low take-up, if only through inertia).
I guess you have two options:
popup a javascript before submitting the form to prompt the user wether he wants to share it with friends. You will use the js api http://github.com/facebook/connect-js (see the dialog section). This solution would avoid doing server side connection to the facebook api
Have a look a the Facebooker gem to do a stream_publish