I'm currently using OAuth to authenticate people with their twitter (twitter gems) acount in my application. The problem is that for people who aren't connected or who have various accounts.
So that's my question, is that possible, to ask user their login/password to link their twitter account on my application ?
Thanks
It is no longer possible to connect to Twitter's API using Twitter credentials. Twitter's public stance on this is that you should -never- provide your Twitter credentials to anyone else, ever. This is part of their rationale for implementing OAuth.
Even if you had the user's Twitter password, you couldn't validate that it was actually their password, nor could you access their Twitter account with it through the Twitter API.
Your best bet would be to look into devise and omniauth. I've gotten it to work this way. Omniauth also allows to link to several accounts. Be it, Facebook, Twitter, etc.
I'm sure it's entirely possible to ask users for their Twitter login/password on your application. It's a very bad practice though, as OAuth avoids the need for client applications to ever touch a users credentials. I suggest setting up an authentication/authorization system that maintains a login/password and then allows connecting multiple OAuth accounts via an AuthenticationStrategy model or the like. Ryan Bates did a few Railscasts on the subject:
http://railscasts.com/episodes/235-omniauth-part-1
http://railscasts.com/episodes/236-omniauth-part-2
Related
I'm planning to build a simple rails application. User would sign in to my app and would get a list of website links like facebook, twitter or gmail. If he clicks this link from my app, he won't have to input username/password to that site except for the first time.
What should be the approach? Can rails apps store username password and provide them through url? Or can it persist sessions forever so that those first time authentication tokens remain?
All those examples I've seen talks about 'sign in to my app with facbook, twitter etc'. I need just the reverse. Sign into multiple sites through my app.
Any help would be highly appreciated.
As far as I understand the problem, you need to use the OAuth. https://github.com/intridea/omniauth
The canonical screencast on the topic http://railscasts.com/episodes/241-simple-omniauth
Basically the idea is that you let your app to be authenticated on FB/Twitter/etc by the user. After that you'll get the user ID on an authentication token from the service, and then use those credentials to talk to FB/Twitter/etc APIs
I have an existing rails app which uses 'devise' for authentication.
I would like user's to be able to link their twitter and facebook accounts to their account on my site, so that my application can post updates on their behalf.
Ideally:
When registering, you can choose to set up a standard account, or use twitter, Facebook, etc credentials.
If user chooses to use facebook credentials, I would still like them to be able to link their twitter account, so that my application can post to both at same time on their behalf.
A bonus would be allowing them to have identities which they could link twitter account A to one identity, then switch identities and use another twitter acccount.
My questions are:
if they use a standard account, and link facebook and twitter, are they going to be prompted to enter those credentials every time I post on their behalf? Or does omniauth give me an infinitely valid token?
I know devise can handle omniauth, but I can't seem to tell if it can handle what I am asking. It seems that it's omniauth support is more along the lines of just authenticating site users against twitter credentials not for linking multiples.
is there a rails gem that does this, and is well supported? I see socialite is no longer supported, but it seemed to be a one or the other type deal, not what I want anyway.
because I am already doing standard auth with devise, would it be simpler to just force users to create a standard account, and then use the twitter and facebook api's directly on top of that?
Looking for the best strategy here for doing what I want.
*note: If you think I can get 75% of what I want for 25% of the effort that all my goals would be, let me know. *
Thanks,
~S
I want my web application, which is built with Ruby on Rails, to communicate with the Facebook Social Graph API, but I am aware of that I need some kind of authorization to achieve that.
So, do I need to build OAuth authentication for my application to make use of auto-publishing messages on the user's Facebook wall?
If not, how could I integrate the social features into my web application?
The web application already has an existing user base; could I also allow my application to get Facebook access? If yes, how?
I would appreciate examples of sites who do this kind of integration really well, also with other services like Twitter, LinkedIn, etc..
All is explained on the facebook developers site:
http://developers.facebook.com/
This explains the auth you need to access graph
http://developers.facebook.com/docs/guides/web/#login
You can then combine graph info with your existing user database by saving their facebook ID number hence then you can pull up profile pics etc
Try using the following gems:
Devise: User authentication (If you already have the framework for user authentication, this will not be needed.
Omniauth: Facebook (or any other OAauth e.g. Twitter) authentication
Koala: Facebook open graph api
If you need only Facebook integration, Koala should be sufficient.
For making them work together check this:
Making OmniAuth, Devise and Koala work together
anyone knows if it is possible to do registration via twitter just like facebook register (http://developers.facebook.com/docs/plugins/registration/)?
it is not login via twitter. i need to store some basic information from the twitter user, eg, name and email, and then request user to choose their own username and password for my site.
Thanks!
Twitter doesn't have this functionality at all , they have #anywhere for integration for some Twitter features on your website. That's the closest there is to this. What you can do is register an account with the information you gather from an authenticating user, but the development of this would be up to you. There are no boxed up solutions right now from Twitter. There may be something third party but I'm not aware of any.
It's also "against the rules"
You may not use Twitter Content or other data collected from end users
of your Client to create or maintain a separate status update or
social network database or service.
https://dev.twitter.com/terms/api-terms
I want to create an web application that will link up a student's facebook, twitter and orkut accounts all under one shed. Its like connecting all the students within a college, to login into the web app, the userid will be the unique studentID provided by the college
itself.
Now, once a student has logged-in, he can open his facebook, twitter and orkut a/c in the same window, lets say under tabs. How can i do that??
I mean how can i pass a student's Facebook's user-id and password to facebook server and if user authentication is done, then show the student his facebook wall.
I am very confused and don't know how to deal with this.
Storing username and passwords is not a very good idea. Neither Facebook nor twitter supports it through API.
For Facebook integration use the OpenGraph protocol with any SDK that Facebook provides, like Javascript SDK. Mogli is a ruby wrapper for OpenGraph API
For Twitter, there are multiple options like John Nunemaker's Twitter gem. Use that to talk to Twitter API.
Ultimately, it comes down to the architecture of your application. You can start by creating models like 'FacebookConnection' or 'TwitterConnection' and linking them to your 'User' model.
Solving it easy, just make the link open twitter/facebook. if they are signed in there already, their homepage will show, otherwise they will be prompted to enter user/pass.
To integrate your application with those platform, each platform got it's API and connect method, with this you won't need the user password be stored in your app. You instead will, twitter as an example, create a twitter application that communicate with twitter's API, and then redirect the user to twitter asking twitter to grant your application some access to the signed in user account, almost the same as you will sign in with your google account here on stackoverflow.
To do the communication with each of those platform, refer to the API/Connect documentation they provide and implement it in your web application. Don't reinvent the wheel, most of the communication functionality will be already coded in an easy to use library, whether for rubyonrails or most other development frameworks/languages.
look at facebook connect, oath (for twitter) etc instead of storing passwords
divs/iframes with some kind of tab control (jQuery?) to handle toggling of what should be visible.