I am using google one-tap login for my web application.
Reference: https://developers.google.com/identity/sign-in/web/sign-in
This one-tap login is replacing the custom sign-up form I used to have.
While the concept is a "one-tap" login, it is missing the term of use agreement.
The old sign-up form contained validation of the term-of-use agreement.
Now I wonder if I can move to google one-tap login with my custom term-of-use.
Thanks.
Found that on the on-tap login popup, there is a link to the /policy route of your web application.
The policy / term of use can be displayed on this route.
Related
I have been trying out the spring-security-facebook plugin and so far its been smooth. I am able to use the facebook login button and have also created the FacebookAuthService for some custom processing - in creating my own user object and associating it with the facebook domain object.
However, what I want to do is integrate the button with the auth.gsp provided by spring-ui. I was able to take the first step in this and the button now appears along with the regular login form. However, on clicking on the FB login button, I want the workflow to be the same as that of the regular spring flow.
Are there any pointers for this?
I assume I will need to stop using the facebookAuth:connect tag and instead build this part of the flow using javascript - but how do I get the logged in user now connected to spring so that on clicking the FB button, the page then goes to the page that I was earlier trying to access before spring security redirected me to the auth page?
Any directions for this would be much appreciated, thanks.
Spring-Security-Facebok plugin uses cookies provided by Facebook (set by JS SDK after auth). I mean there is two steps: first step is when user is logged into app on client side (done by javascript), and second when page is reloaded and server login user on server side too.
Probably you can make your own Javascript event listener on 'auth.login', and redirect to requred page. User will be authenticated at this point.
I have Janrain Engage for a site with three providers (Facebook, Google, Yahoo)
If a users authenticates say via Facebook on my site and then comes back to my site, instead of showing the three login options it shows only Facebook Icon and Sign In As NAME. To get to the screen with the three options you have to press "Switch Accounts".
Is there anyway for JanRain not to do this? Not to only show the login option you previously used, but instead show all of them?
Add the following to your block of widget settings (assuming you're using the newer widget):
janrain.settings.noReturnExperience = true;
I would like to integrate facebook in my actionscript application. I am using facebook actionscript api available from code.google.com.
I would like to know if there is any way to creating custom login dialog rather than using the default facebook login dialog as i want the user to just sign in to facebook rather than exploring the other fields like "Sign up" and "Forgot password"
I cant use the current api as websites use it for logging to facebook. It is open to sign ups exploring other languages.
I would like to prevent the whole thing by customizing the login dialog. Does facebook provide something for that? Or can it be done it in any way?
Any help appreciated.
Nope, never seen a way to customize it to that level where you can remove core functionality of their dialogs. The advanced auth dialog and the registration plugins can get customized more than the old one.
I am trying to use new enhanced auth dialog instead of old one in a new application,
I want to first of all display a page with a message to the user, then he can click on a button and then he have the enhanced auth dialog.
My worries are when i set up my new application, the auth dialog v2 is displayed and then if the user accept permissions, then he is redirected to my home.php.
Is it possible to use enhanced auth dialog but first of all displaying a page which inform about the application?
Thanks! :-)
Yes it is possible to first display a page to the user before putting up the auth dialog. I have a current production app that does just that.
In your app, have a connect button of your own making that you display to the user when they are not connected to Facebook.
When a user clicks it, redirect to the page you want to show them with the special wording.
On that special page, have the real facebook login button (or a button/link that fires off FB.login())
Well, I have found the answer.
If you don't want that Facebook display the enhanced auth dialog before your application, but do it manually, when you want,
in your app settings, in "auth dialog" tab, don't write anyting in "Authenticated Referrals" !
And that's all :-)
My WebApp needs to authenticate user before allowing any sort of access. The scenario I'm trying to implement is a login page with username and password fields. Once user hits "send" button, a sign like "Verifing..." should be shown up while an RPC call verifies credentials. In case of success, load the main app screen.
What is the best way to implement that?
Have you looked at this page ?
It describes how to do the following:
Create a 'login' page that is based
on user/password authentication.
Store this data in a secure fashion
on your server.
Allow users to 'remain logged in' for
as long as you want so they don't
have to enter their user name and
password every time.
Make 'auto-complete' features of most
modern browsers work with your GWT's
login page. Discussion on adding more
security with either HTTPS or fancy
hashing algorithm.
I'm not sure how well secure your application has to be... but I would suggest leaving that piece of work to spring security.
You could make a regular login.html page which would, upon successful login, redirect user to the "real" gwt app.
Check out this article:
http://code.google.com/webtoolkit/articles/security_for_gwt_applications.html
Not tailored directly for GWT (can still integrate with it), this is a great tutorial for implementing a secure login system.
http://drdobbs.com/web-development/231002659