I'm building an app that includes real-time group chat where each chat has a "details page" that includes information like group name, time, location (mapview) and a tableview that lists all the participants. The app works like Whatsapp where your "friends" come from your local contacts, so when you login for the first time, all your local friends are saved to Realm. What I'm having a hard time with is how to manage the details page where there is a mix of users stored in Realm and some that need to be fetched (Eg. if you're added to a group with some people you don't know). My current solution loads the Realm users first then loads the others when they are fetched, and this happens each time the view appears. It's very clunky and isn't a very user-friendly experience.
Looking at Whatsapp, when viewing the details page for a group I have not opened before, the page has a slight delay before opening and then displays all the users in unison. After the initial viewing of the details page, any subsequent viewing does not have any delay and all the users are displayed right away (local friends or otherwise).
I'm sure there is some sort of caching involved but I'm not sure what type and where to start. Any input would be great, thanks!
I'm currently developing my first native iPhone app (though I have many years of experience as a web developer). I'm having some difficulty understanding the best way to handle login and I'm looking for some advice on the best way to go about it. The more I think about all the things that can go wrong during login, the more my brain wants to jump out of my head. I'm getting really frustrated with this and could really use some advice from some more experienced iPhone developers. Thanks in advance for your help.
My goal is to support Facebook Connect in the first version of the app, and then to support other SSO services (Twitter, Google, etc.), as well as my own user account system in future versions. The current plan is to have a MySQL table on the server that looks something like this:
users (id, nickname, facebook_id, ...)
When a user logs into the app via Facebook for the first time, an entry will be created in this table for them. You may think this isn't necessary, but it will allow me to expand to other services later on. For example, I could do this:
users (id, nickname, facebook_id, twitter_id, google_id, username, ...)
This table would have nullable fields for facebook_id, twitter_id, google_id, and username. If the user logs in with facebook, they'll have a facebook_id. Twitter users will have a twitter_id, Google users a google_id, and my own users will have a username. They'll all be uniquely identified by my own id regardless of what login system they're using.
So I'm pretty comfortable with the back-end implementation of user accounts. I can setup a web service that the app can call to create/retrieve users, verify logins, etc. No problem.
The problem I'm having is implementing a proper login flow with the iPhone UI components. My particular app uses a UITabBarController that serves as the main navigation. One of the tabs is labeled "My Account" and contains information about the currently logged in user. If the user clicks on the "My Account" tab, they are presented with a table view that serves as a submenu. It has options such as "My Profile", "Settings", and some other things. If they click on any of these menu items and they aren't logged in, then I use the presentViewController function to pop up a login screen. They click "login with facebook" and go through the typical Facebook authorization process. When they've completed that process, I use dismissViewController to remove the login page and display the page they were trying to access. If they cancel the login or if the login fails, then I use popViewControllerAnimated on the UINavigationController to send them back up to the "My Account" submenu. For those of you who are having a difficult time envisioning this, check out the Amazon app. It is almost the exact same thing (just click the "More" tab when you're not logged in and try to click one of the menu items underneath it).
That all works pretty well and I'm happy with it. But here's where I get confused:
What the heck do I do if they're several levels deep into the UINavigationController within the "My Account" tab and their login session expires?
Let's take Facebook login for example. Facebook uses session tokens to keep users logged in. The tokens expire after a certain amount of time. Let's say the user navigated down into "My Account", then clicked "My Profile", and then clicked on "Edit" and are shown a screen where they can edit their profile information. So they obviously need to be authenticated in order to view this page. In fact, they're 2-3 levels deep into pages that they need to be authenticated to see. Now let's say they get interrupted by a phone call or something and forget all about what they were doing. The next time they access the app is a week later when their login session has expired. I can handle this in a few ways. None of them seem great to me.
Solution #1
The Facebook SDK will automatically call a method on the AppDelegate class that notifies me of the expired session. Since I am notified of the session expiration at the AppDelegate level, I have no idea what page the user is currently looking at and whether or not they need to be authenticated in order to use it. To get around this, I can have all ViewControllers that require login to extend a "ProtectedViewController" class or something that indicates the user should be logged in to see that page. Then when the AppDelegate is notified of the session expiration, it will try to figure out what the current ViewController is and check if it extends "ProtectedViewController". If it does, then present a login screen. If the user successfully logs in, then everything proceeds as normal. If not, then return the user to the first screen of the app where they have to start all over. This is bad because the user will lose anything they've typed in already, but I don't see any way to avoid it with this solution.
Solution #2
Ignore the session expiration event at the AppDelegate level and instead do this: before any action is taken that requires a user to be logged in (e.g. when the user clicks "Save" on their "Edit Profile" page), check if they are still logged in. If they aren't, then present a login screen. If the user fails to login, then send them back to the start screen. This solution is a pain in the ass to code because I have to perform a check on practically everything the user does within the protected area of the app -- when they view a page, when they click a button -- just about everything.
I would also prefer to avoid sending the user all the way back to the start screen of the app if they fail to re-authenticate. Instead, in this case, I'd prefer to send the user back up the UINavigationController to the "My Account" menu -- which is the closest page that doesn't require login. Sure, I could hardcode that, but I'm looking for a solution/pattern that works a little more naturally and that I can reuse in other apps.
I would really appreciate some guidance. Surely I'm not the first person in the world who has needed to solve this problem. Unfortunately, Google hasn't been much help.
Thanks.
EDIT: Another idea is to subclass UIViewController (e.g. "ProtectedViewController") and implement the "viewWillAppear" method. Inside this method, I can check if the user is logged in. If not, then I slide up a login page. I still don't know how to handle the case when they fail to login, though. This solution has a problem, though: if the user's session expires while they're using the app, then I won't re-authenticate them until the next time they click on a new view. If they're already looking at say an "edit" page and click the "save" button, then they won't be re-authenticated. But perhaps this is a step closer to the solution.
Don't forget that the app delegate is the one that adds the whole tab bar to the main UIWindow. On detection of credentials failing, you could simply remove the UITabBarController from the UIWindow, and replace it only with your own login view to re-authenticate. That eliminates any possibility they could interact with anything in the tab structure, but when restored means whatever position they are at within the tabs is preserved (since you would simply remove the tab bar controllers view but leave the controller intact).
Here how I managed it in a recent project using singletons.
Create a singleton class, say LoginManager that has a method called,
-(UserInfo*) getValidatedUser: (UIView*) senderView
Inside this method check to see if the token is still valid.
If it is not valid simply create a new view that forces the user to login using FB credentials and overlay it on top of the "senderView" so that the user is forced to login, like this:
[senderView addSubview:loginView];
Once the token is valid, you return back the user information.
With this basic logic in place you can now call this getValidatedUser method from your view controller classes whenever you need a valid credential to do something:
UserInfo* myUser = [loginManagerObj getValidatedUser:self.view]
The method internally decides if a login page should be shown or not.
Hope this helps.
Folks:
I am new to Facebook Development. I have a problem showing which user details my app is asking for in the Auth Dialog. It always show a user that the app will receive his basic info. On the app settings page at Apps-->AppName--> Auth Dialog I can see 2 preview dialogs. One is Current dialog, this is what user sees, and a referral dialog, this is what I want to display to user but I am unable to show it. My question is whats the difference between the 2 dialogs and how can I enable the refferal dialog to be shown always.
I want to achieve a login dialog like the one in the below site
http://www.trippy.com/
Mark - the referral dialogue is when a link created and posted by an app user is clicked on by a non-app user in the news feed, ticker, etc. You can read the exact details here, does a much better job at explaining than I do. :) https://developers.facebook.com/docs/opengraph/authentication/#referrals
I've had a hard time finding anything like what I'm trying to accomplish, seems as though FB updates their way of doing things every 6 months. The documentation I have found is hard to follow and I'm sure this can't be too hard. Here's what I'm trying to accomplish:
We operate a SaaS (in simple terms:) need to allow the user to provide a Form ID and return them a form via iFrame
Product management wants to be able to provide our customers with an app on Facebook where they would need to only add in their Form ID + Title, don't care about actual authentication with our product, just an ID to fetch.
The app would show up as a tab on their Facebook Page (and/or profile?) with the title of the tab showing what they entered and an iframe with the formId as the parameter to the source.. ie: the contents of that page tab would be a loaded iFrame: <iframe src="http://gotomyserver.com/fetch?FormId=123">
The idea is that our customers customers will see this form loaded up if they click on that tab on the page.
This doesn't seem like it should be overly complicated, however I'm having a lot of trouble finding information / understanding the documentation, or maybe I'm approaching it in the wrong manner?
Thanks
What you're trying to achieve is not possible at least because the same app can't have different titles depending on the page it is shown.
I would recommend you to make web application that serves the forms. Creating app everytime a user wants takes 5 minute. You will just need to insert in page tab url the corresponding address: http://gotomyserver.com/fetch?FormId=123 and set the title. Even your clients can do that by themselves.
Displaying an app to a facebook page takes an url copy/paste.
I'm attempting to develop my first Facebook app that is designed to allow clients of our website to sell tickets to their events from their Facebook page as well as from our website. So when the administrator of a Facebook page adds our app as a page tab, I need to be able to find out who they are so I can load the relevant event data. There also needs to be additional include/exclude configurations and various other options, which will affect the behaviour of the app.
So my question is how is this situation best handled? When playing around with a basic sandboxed app, I seem to be able to just add the app directly to a page; there is no prompt for configuration, and I can't see any way of defining custom properties.
Is the 'edit_url' property the only way to achieve this? If so, is there a way of automatically directing the page admin to this link upon initial use?
Decoding the signed request recieved in your page will give you more insight.
From this you can retrieve page admins' UID's.
You'll need to manage the rest on your side...
In order to get the user id the user will have to grant your application basic permissions.
I'm currently doing a somewhat similar app and, just like Lix said, I used the signed_request variable to detect the page where the tab is installed. Then, based on the page's ID, I retrieve the proper content.
To also give your users an admin page, add a Page Tab Edit URL in your app configuration where you can redirect your users to a custom panel where they can edit their app.