I am new to flutter and am trying to post customers' location along with the registration from currently i am fetching the location from Google Map. Am not sure that I can POST location along with the current registration form. WordPress plugin - JWTs' REST API is using to register user, for other purposes like product fetching, category fetching I have used WooCommerce REST API. Just to clear out my question - Can I POST location along with customer registration form on flutter application using JWT auth plugin because currently i don't see any specific columns to save location. Hope you all can understand my question.
Is does not seems to be possible with your current setup as the endpoint is not allowing location data to be send.
If you need the location data to be send, you can either created another server (seperated from wordpress) that will communitcate to the wordpress instance and handle authentication. or find another wordpress plugin that enables you to customize the input of a certain endpoint.
Related
I am currently writing a web shop application, whose backend will be host at Parse SDK.
I want to add a funcitonality to my app, that if i get an API request to the server to create a new listing.
The API will be called from other apps(I want them to inttegrate it in their system, so if they make a new listing on their personal site, than it will create a new listing on my site too by calling that api).
I want to know if this is possible, I need authentication too, and I want to know if it is possible without providing them my DB application id and rest api key.
This got stuck in my head from many days, can anyone help or say at-least this is not at all possible?
I'm working on developing a chat bot using dialogflow which integrates multiple applications along with google home assistant, dialogflow, actions on google and an application which i want to manage using chat or voice commands. Until now its good and got amazed of features providing by google.
But i'm expecting one more feature. Don't know whether any alternatives available for this or not, but i tried exploring and reached to desert. Below are my requirements, if others think this is really unique and useful to them as well then i can say they are improvements or add-ons i'm expecting from DialogFlow.
Let's take an example of a chat bot which is serving users through google assistant and as a web bot as well. Now while conversing, intents may trigger web-hook in fulfillments which may require an authentication like OTP(Nope if anyone thought it for payments) which means registered users or limited users only can perform actions. This is same as we use roles and groups in all the applications.
The way google is sending google prompt to the user for logging into gmail, is there any way that we can collect PIN or OTP or PASSWORD through some notification sent to the users phone as some card's or input box like and html while conversing with chatbot through web or home assistant etc..., so that it helps in adding more security.
I recently worked in a chatbot project where I had to authenticate my users. I'm writing an article about it, but I'll tell you what I did:
First of all, I'm using OAuth 2.0 protocol to authenticate my users, but if you doesn't use OAuth, there's no problem, you could do something equivalent.
I'm using Authorization Code Grand flow.
Let's see the steps:
Step 1 - Authorization Url:
My bot generates an authorization url which contains all needed data to identify the conversation in callback moment. Like this one:
https://authorization-server.com/oauth/authorize
?client_id={your-client}
&response_type=code
&state={conversation_id: 123456789}
&redirect_uri={your-callback-url}
Notice that the state parameter contains the conversation_id which identifies your conversation, this state parameter will be back when users return to your handler.
Step 2 - User Authentication
When users click in this link, they'll be redirected to your login page at your authorization server.
Step 3 - Callback
After users get authenticated, they'll be redirect back to your handler (an endpoint which will receive the authorization code from authentication server and the state parameter).
When it received this authorization code, it'll be exchanged by an access token in authorization server.
Step 4 - Store token
In the final step, you already has an access token and the conversation_id parameter, you can store it in a database, in a cache or be stateless. Your rules!
In my case, I'm using Watson Assistant with Cloudant database, and I store those access tokens in my database. So, when users request something to my bot, it could get this token from database and pass to my back-end servers.
This kind of approach, I call "magic link". And you could improve it by shortening the url as bit.ly does.
I hope it could help you, feel free to ask me if you need.
Best
You probably don't want to implement the OTP scheme yourself. While you could do this, there are other systems already in place that will do this for you.
The best is the one that you reference - Google Sign In.
Fortunately, you can leverage Google Sign In for both your website (where you would get the user to sign in and then pass this information along as you do the Dialogflow calls) and for the Assistant (where Google will pass along an ID token, indicating it has authenticated the user).
Im writing a user registration mechanism by hand so I dont want to use existing plugins or something.
Im wondering what the best way would be. I planning to do the following abstract steps:
Writing an component which is in charge to output a button which calls the facebook-api --> login in via facebook (Im getting token and user name/id)
In my route im using that Data to call the REST-Server-Backend of my app. I will pass the token as well as the username/id to the Server. (POST api.myapp.com/users)
The Server recieves the request and will validate via Facebook-API
the user data and token on its own --> if valid: Add new user to
database.
If the user wants to login now (after registration) he will do again
step no.1 and than will ask the server if the user is existing. But
how: Since ember suggest that the REST-Server is somekind of a
CRUD-Server and using the store is for working for model data only, there
is no possiblity to do a "logic"-call to the server like "ask
him if user with id is existing". Should I call "GET ../users/" and than check in my route if the sum of the returned records are smaller than 1?
So is that a common pattern?
Sounds like a fairly simple OAuth workflow but obviously refer to the facebook docs. As far as point 4 is concerned, I would suggest that yes, on login you make a request for the login route on your server (which should abstract the facebook OAuth call), and if the user is authenticated, then send down the user resource, otherwise redirect them to the login and send down some sort of 401 HTTP error.
As all your API calls should be authenticated too your user won't be able to access any protected API resources.
I would also suggest you look into an ember plugin like ember-simple-auth which also supports OAuth.
You can find more information about OAuth2 workflows here.
My Situation:
I'm trying to populate a shared Google Calendar when an event is created on the Salesforce interface. Im currently using the latest Google Calendar v3 (RESTful) API for the same https://developers.google.com/google-apps/calendar/ with APEX my development language.
I'm using a trigger that catches all the value from the fields (trigger.new) and passing those values to a class that does the JSON serialization, authentication and API call.
Till now, I was able to get all the data from the object and pass is to the class and get it serialized. But I need to do the OAuth 2.0 call before I can make a Google Calendar API call. https://developers.google.com/google-apps/calendar/
I have setup my application on the Google API Console and obtained the Client ID, Client Secret etc.
The usual way OAuth 2.0 works is that an authentication page pops-up waiting for the user to grant access to the API so that it can access the calendars linked to the users account.
My question:
Is there any way I can get the OAuth done in the background using a static/private key which is either obtained by granting access just once but not every time or just programmatically using the key value in the class to authenticate the user.
Looking forward to getting useful suggestions/inputs/help from everyone.
If the user --once-- have made the authorization you got the access_code and the refresh_code.
I found it helpful to store both codes with the application (here Firefox and password manager). With the next start of the application (Firefox/extension) I use the refresh_code to request a new access_code. That is used during the session for any further calendar call.
I am trying to create a REST API using Java.
Now, for the front end, I am using socialauth, so that facebook/twitter/yahoo/hotmail/gmail users can sign in to the application.
After a user is signed in, he should be able to access the data for his account- I want to create a REST API that enables each user to access his data. I have understood the basics of creating a REST API using Jersey framework, however how do I ensure that only a user who is correctly logged in to the application, can access data via the REST API?
What I thought of is, I will store the user's email ID in session, when he logs in. And whenever he makes a request to the API, the email ID in session is passed as a input parameter to the REST API, and the REST API checks that data is asked for same email ID, as the email ID parameter.
Is the above way of thinking correct? What is the recommended/best way to implement REST API in the scenario as given above?