I am integrating my app with FaceBook on iPhone. When the first time user log's in I would like to ask him to enter the FaceBook credentials, but after than whenever he come back to my app I don't him to show the login screen again. So I have two questions
How does this single sign on works? - it says that if the user is already logged into FaceBook through some other app, FaceBook login screen will not be shown to him, so does the FaceBook gives the same access token and expiry time as it has given to the other app or does it create a new access token and a new expiry time?
So after the expiry time, user will be presented the FaceBook login page again? I really don't want this to happen, is this is way to avoid it.
One solution that i can think of this to make a request with the permission for offline_access, in which case the token will never expire, any other solution guys?
Related
I'm creating a book library app, where people buy an account and become able to read all the books...
In the past, we were able to get the UDID of the iOS device and the login only works from this specific UDID.. now apple prevents this, another solutions were there like OPEN-UDID but now doesn't work...
Are there any other means to prevent the user from giving the credentials to another people??
The only solution on top of my head now is this :-
When a user login, a flag on the server becomes true, and when another account try to login using the same credentials, it will show an error message "you are already logged in on another device".. when the original user logs out, the flag becomes false.. this will prevent the account from being used on multiple devices at the same time.. but the drawback is, what if the user unInstalls the app without logging out?
Is there a research on this topic that covers all these scenarios?
Is there a way to use apple keychain or iCloud or any other solution ?
What you can do is on new login invalidate api request(and send them to login screen) of previous login you can use device token with each api to check if you want to send data to device or it's a old login token and needs redirect to login. you have to just store a device token for each account login if it matches then send data else redirect to login
Edit 1:
if you uninstall the app then you have to login again from other device to access the books(data) and in each login you'll replace the old token with new one. Now only device which has this new token can access books. All other device if there are any login left in any device then they will get message from API that token not matched and you have to redirect them to login page again
I am using Cognito to signup/signin users from my iOS swift Mobile App. It seems that after login, a temporary token is provided. Until the token expires, the user does not need to signin when he relaunches it.
My use case is that I always want my users to sign in when they launch the app. Does anyone knows how to customise Cognito for this kind of behaviour ?
I do not want to force log out when the users kill the app, because there are several other cases for which I won't be able to log out (during crash for instance)
The SDK can clear login state, perhaps you could store a timer for the last time they did sign in? Then when the app spins up, check that timer, and if it's above some threshold you could clear the login state and ask them to sign in again? That could handle a quick close and re-open.
I am developing iOS App which use Facebook iOS SDK 4.
When user has already done Facebook login, by doing Facebook login the dialog which shows "user has already approved your app" had be displayed.
So, do not show the dialog. I want to know whether the user has already done Facebook login.
Anyone know the good way? I think accessToken is returned if user once had done Facebook login.
FBSDKAccessToken manage current logged user's accessToken.
According to official Facebook Login guide
"FBSDKAccessToken Represents the access token provided by a successful login. Most important, it provides a global +currentAccessToken to represent the currently logged in user."
The currentAccessToken is a convenient representation of the token of the current user and is used by other SDK components (like FBSDKLoginManager).
According to above you can check either user has valid accessToken or not and based on this you can track call login method otherwise just skip to next flow.
In Facebook the access tokens are per user so you can pass them around apps and they will work. In your case if you can ship an access token from another app you will be able to skip the next logging in and use the API normally.
However I think this this thread will help you.
Things are a little bit different with iOS cause I have done a facebook login on Android and got no such issues.
I'm making a game for iphone, so my question:
How is the end user supposed to change his login. Meaning if he decides to log in under a different name?
I noticed that even a resetting of the phone and reinstalling the app doesn't work, I'm still logged in under the same user as before.
My next guess was FB.Logout, but this page tells me not to use it:
https://developers.facebook.com/docs/unity/reference/current/FB.Logout
And also, under Settings -> Facebook I logged into another user already, too - in my game it's still using the old user...
You need to set
[FBSession.activeSession closeAndClearTokenInformation];
for Facebook Logout.
closeAndClearTokenInformation closes the session and clears any cached info, destroying the session. This means that when the app is re-launched the cached token will not be available. The login view will then be shown.
That is because that LogOut function will log out the user from FACEBOOK, not just from your app. Plus the documentation you are looking at is for unity. You should follow this guide: https://developers.facebook.com/docs/facebook-login/ios/v2.0
They show how you can easily log in and log out which is what you are looking for. If you don't have a predefined account set on the device then you will be able to log in with your email and password using the facebook log in interface (in were you can log in as a different user if you want)
I am using Facebook SDK 3.5.1 in my app, my requirement is that i have logged in the app via facebook with one user (say user A) and now if i login with other user (say user B) in mobile safari/facebook app (which one is available), in this case can my app get notified that another user logged in other than one who is logged in app.
Any references or ideas?
the user logged in still A, when the facebook sdk perform a login a token is obtained and stored localy in your application data, untill this token still valid the user A still logged in, when the token expire there are 2 option, the fb library renew the token silently and user A still logged in or the library need to autenticate again the user, at this point it's possible that a login dialog is presented by the fb library or the session expire and so a logout, and after a new login process the logged in user will be B. In case of iOS6 with a facebook account is pretty much the same a part for the renew process, so could be possible to fail the renew earlier because the user is changed... at the no, the library doesn't notify you that the user is changed, the app will be just logged out when the fb session expire