I am currently using Devise+Omniauth on my Rails 3 app to authenticate users. My client saw this and doesn't like how omniauth redirects you away from the site. He wants something like on digg.com, which I believe uses facebook connect to authenticate (and opens in a popup instead of redirecting).
What are some arguements for my client to keep him using the Omniauth method? Why is it better than Facebook connect.
And failing that, are there any good resources for logging users in with a facebook connect popup window? Or really anything involving facebook and a popup.
Thanks!
OmniAuth supports login via the Facebook Javascript SDK, which works through a popup. You just need to include the right files. I don't remember all the details, but this should help:
https://github.com/intridea/omniauth/issues/120
Related
I've successfully added a Sign in with Facebook feature to my Rails 5 app with Devise and Omniauth.
Instead of my static button, I'd like to implement Facebook's embed "Continue as {name}" login button. In their documentation they'll produce the following code for you to implement:
<div class="fb-login-button" data-size="large" data-button-type="continue_with" data-auto-logout-link="false" data-use-continue-as="true"></div>
Just implementing it like that obviously doesn't work. I'd really like to be able to handle it in a way where I can specify it to direct to my user_facebook_omniauth_authorize_path. How do I do that?
I've implemented Facebook SDK on the website.
Thank you in advance. Your help is much appreciated! :-)
Omniauth uses the server-side login flow, whereas this button is part of the client-side login flow.
Only by being embedded on the client side can it determine whether there is a logged-in Facebook user in the first place - on the server side, that info isn’t available.
The server- and the client-side auth flow have quite significant differences, so I doubt you would be able to implement this, without rewriting how login is handled almost completely.
I am using omniauth-facebook and omniauth-twitter gems to enable log in via Facebook, Twitter.
Everything works fine, I am able to authenticate user using OAuth. The BIG problem here is that when user is signed out from my application, it doesn't log out
from the social site that they authenticated from, which is dangerous.
I would like to add a functionality that will destroy the session in both places i.e, my application and the corresponding social site.
How do I do that?
Is it possible using the omniauth gems that I am currently using? Or is there an alternative gem/API available to achieve this?
It seems to me that the problem is we don't know the user's intent. If the user logs out from your app and they don't have other tabs open with Facebook and then they walk away from the computer thinking they're all done but leave the browser open, then yes, that would be bad. On the other hand, if they have another tab which is on Facebook, if they log out of your app and then switch to the other tab expecting to carry on using Facebook, they'll be annoyed. You could argue that annoying people is better than leaving them logged in to Facebook unwittingly - I'd generally agree!
I don't know of a nice/official way to do this if you're handling the login flow server-side. Some suggest building a normal Facebook url - see https://stackoverflow.com/a/8765863 - and I guess you could redirect to that and make it redirect back if that approach still works (it's an old answer), but it feels brittle as the user implies.
If you're using the javascript api, there's the FB.logout function:
https://developers.facebook.com/docs/reference/javascript/FB.logout/
and/or the auto-display of a logout button instead of the login button using the auto_logout_link parameter:
https://developers.facebook.com/docs/plugins/login-button/
One option which covers both user intent scenarios is to have your normal logout button which obviously kills your app's session and when they click it, redirect to a page which has a "Logout from Facebook?" button - perhaps using the javascript login button with the auto_logout_link parameter. Then they can logout from Facebook if they're done with the computer, or choose not to click it if they have Facebook open in another tab and want to continue using it.
As I'm sure you know, omniauth-facebook supports both server-side and client-side login flows.
I'm not sure if an equivalent is possible with omniauth-twitter - I don't have experience with it.
I have a web application that uses Facebook Connect (built in Ruby on Rails 2.3.5 and the Facebooker plug-in) as the only authentication method (for now). I am also using a beta invitation system similar to the one described in RailsCasts.
I don't want the FB Connect button to be always visible, since that can let users without a beta invite to login to the application and end up in a "limbo state" where they are logged in but don't have full access.
But if I hide the FB Connect button, that means that some users with a valid invitation can't log back in (when their session times out).
What is the best design approach to use here?
I would do a check when you get your facebook callback that would say "hey, this person isn't on the beta list, so don't make an account"
in my rails web application I am implementing Facebook connectivity. I want that whenever user updates his/her status on my site his/her facebook status should also be updated. Is there any working rails application for this?
Please help.Thank you.
Have a look at the Koala gem which acts as a client to the Facebook graph API and does exactly what you need.
fb_graph as well also accomplishes what the koala gem does .
Though to update on a user to user basis you'll need to have some sort of login system in place. In that case I'd look at Devise using omniauth to accomplish this.
I use devise + omniauth for authentication and getting the right access token.
I use Koala for updating + reading information.
I am trying to make Authlogic and Facebook Connect (using Facebook) play nice so that you can create an account either the normal registration way or with Facebook connect. I have been able to get the connect to work one way but logging out only loggs out on facebook and not on my site, I have to delete the cookies to make it working. Any help would be awesome, thank you!
Here's an example app I made using the Facebook Connect extension, authlogic and Open ID. It still needs some work, but it does function.
http://big-glow-mama.heroku.com/
http://github.com/holden/authlogic_openid_selector_example/tree/with-facebook/
This is a good gem for that.
http://github.com/viatropos/authlogic-connect
Have you tried the Facebook Connect extension for AuthLogic?
just tried omniauth with authlogic, that works like a charm
btw, authlogic-connect is out-dated
You also have an example app to check (Authlogic + Omniauth)
http://omniauth-authlogic-demo.heroku.com/