I'm using gapi.analytics for Embed API and I'm verifying the authentication using the below code in gapi.analytics.ready function.
if (gapi.analytics.auth.isAuthorized()) {
onAuthorize();
} else {
gapi.analytics.auth.on('success', onAuthorize);
}
but gapi.analytics.auth.isAuthorized() is always returning false on page load.
How I can fix this?
You can do it this way:
gapi.analytics.auth.on('needsAuthorization', function() {
console.log('User is not Authorized!');
});
When invoking the gapi.analytics.auth.authorize method, an initial check is made to see if the user is currently signed in. If the user is not signed in, this event is fired to indicate that further authorization is required.
Related
When configuring Push State with Aurelia and Visual Studio, I am getting an odd behavior where after I select login my entire app reloads instead of the router just pushing to the homepage. This also happens when I logout, I get to the login screen and it refreshes the entire app. I am using Aurelia Auth. Any assistance would be much appreciated.
I think I had the exact same issue some time ago and this was one of the reasons I switched back to pushState = false (but my infos may be helpful for you).
Anyways, the following issue describes what I was facing: https://github.com/paulvanbladel/aurelia-auth/issues/55
The problem is, internally the plugin sets href:
Login - https://github.com/paulvanbladel/aurelia-auth/blob/master/src/authentication.js#L95-L99
if (this.config.loginRedirect && !redirect) {
window.location.href = this.getLoginRedirect();
} else if (redirect && isString(redirect)) {
window.location.href = window.encodeURI(redirect);
}
Logout - https://github.com/paulvanbladel/aurelia-auth/blob/master/src/authentication.js#L139-L143
if (this.config.logoutRedirect && !redirect) {
window.location.href = this.config.logoutRedirect;
} else if (isString(redirect)) {
window.location.href = redirect;
}
What you need to do is avoid both conditions, i.e. set loginRedirect and logoutRedirect to the empty string (''). Then, do the navigation on your own via Aurelias router as I did in my example from the GH issue:
return this.auth.login(userInfo)
.then(response => {
console.log('You signed in successfully.');
this.router.navigate('/contents');
})
Of course, do the same router navigation on your logout method.
Documentation for Parse.FacebookUtils.init() states:
The status flag will be coerced to 'false' because it interferes with Parse Facebook integration. Call FB.getLoginStatus() explicitly if this behavior is required by your application.
Unfortunately, when I try to call FB.getLoginStatus(), I get TypeError: Cannot read property 'getLoginStatus' of undefined. Is there either a callback that I can use to know when FB is loaded, or some other way to check the login status of a user on page load?
It would help to see some code, it sounds like the SDK hasn't loaded when you call getLoginStatus().
Anyway this may help, I took Facebook's basic Login flow and added Parse around it. It checks when the DOM is loaded so you could use some of this logic also.
Simple Facebook Login test with Parse - view source
Hope this helps.
I ended up using promises to resolve FB after it's loaded.
var fbDeferred = $q.defer();
$window.fbAsyncInit = function() {
Parse.FacebookUtils.init({
appId : 'xxxxxx',
xfbml : true,
version : 'v2.2'
});
fbDeferred.resolve(FB);
};
var getFB = function(){
return fbDeferred.promise;
}
var getFBLoginStatus = function(){
return getFB().then(function(FB){
//**FB is now available**
FB.getLoginStatus(function(response) {
if (response.status !== 'connected'){
...
}else{
...
}
});
});
});
I am trying to implement user authentication in my sails app.. But I am encountering a problem in different controllers that their action are being called twice.. I have checked from my browser and the request is only being sent once.. Here is an example..
// api/controllers/AuthController.js
...
logout: function (req, res) {
console.log("Loggin out");
req.logOut();
res.json({message: 'Logged out succesfully'});
},
...
Following is my config/routes.js file. (using get for many action just for sake of ease for testing api..)
module.exports.routes = {
// By default, your root route (aka home page) points to a view
// located at `views/home/index.ejs`
//
// (This would also work if you had a file at: `/views/home.ejs`)
'/': {
view: 'home/index'
},
// testing the api
'get /users/check' : 'UserController.test',
'get /login' : 'AuthController.process',
'get /logout' : 'AuthController.logout',
'get /signup': 'UserController.add',
'get /verify/username/:username?' : 'UserController.checkUsername',
'get /verify/email/:email?' : 'UserController.checkEmail',
// add friend
'get /:user?/addfriend': 'FriendController.addFriend',
// accept request
'get /:user?/friendrequest/:request?/accept': 'FriendController.acceptRequest',
};
I have applied the isAuthenticated policy on this action.. which is like
module.exports = function(req, res, next) {
if(req.isAuthenticated()) {
console.log("Valid User");
return next();
}
else {
console.log("User not logged in");
return res.json({error: "Please login"});
}
};
No whenever I call <myhost>/logout I get the following json back..
{
"error": "Please login"
}
and here is the output on the server..
Valid User
Loggin out
User not logged in
This means that my controller's action is being called twice.. and this is not the problem with only this controller. The UserController.add action has the same problem. I seem to be doing every thing fine but I don't know where this problem is coming from. Can any one suggest how can I debug it . Or what could be the root of the problem. As far as I have check..
Browser is not sending the request twice.
The Controller's action is being called twice and so are the middleware assosiated with it.
Oh i have the same Problem a few weeks ago.
Sails also call the middleware on static files (like your styles.css). Console.log the req-object than you see what your browser requested.
There a two Ways to handle this Problem:
1.) Try to set skipAssets: true in your route (see: http://beta.sailsjs.org/#/documentation/concepts/Routes/RouteTargetSyntax.html)
2.) In your policy add an if-condition to skip assets (like ".js", ".css" and so on).
I have tried basic steps of Firebase Facebook authentication. So in my app the user can successfully log in using Firebase Facebook authentication. But I have a problem in logout.
I used logout button and bind click event on that, as shown below:
$(function(){
$('#lgout').click(function(){
auth.logout();
});
});
For login I use this code:
var chatRef = new Firebase('https://my-firebase-url');
var auth = new FirebaseSimpleLogin(chatRef, function(error, user) {
if (error) {
// an error occurred while attempting login
alert("please login first");
} else if (user) {
// user authenticated with Firebase
//alert('User ID: ' + user.id + ', Provider: ' + user.provider);
$.ajax({
type: "GET",
url: "https://graph.facebook.com/"+user.id,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(data) {
$('#user').text("Welcome "+data.name);
}
});
} else {
// user is logged out
//auth.login('facebook');
}
});
auth.login('facebook');
In login also, I got one problem as you can see in else part I used auth.login('facebook'); that is not working showing error
auth is not defined. But if I used outside of else then it working fine.
Please help me to figure out this problem.
Separate from the issue regarding auth.logout(), you should never call auth.login('facebook'); from within this callback. Rather, it should be called after a user click event, as your browser will prevent the Facebook pop-up from launching.
From https://www.firebase.com/docs/security/simple-login-overview.html:
Third-party authentication methods use a browser pop-up window to
prompt the user to sign-in, approve the application, and return the
user's data to the requesting application. Most modern browsers will
block the opening of this pop-up window unless it was invoked by
direct user action.
For that reason, we recommend that you only invoke the "login()"
method for third-party authentication methods upon user click.
I'm trying to get geolocation inside a webview in a Chrome Packaged App, in order to run my application properly. I've tried several ways to get the permission in manifest.json and injecting scripts, but it doesn't work and doesn't show any error message.
Could someone give me a light or a solution to get permission and show my geolocation?
Some features that usually require permissions in a normal web page are also available in a webview. However, instead of the normal popup "the website xyz.com wants to know your physical location - allow / deny", the app that contains the webview needs to explicitly authorize it. Here is how it works:
No need to change the web page inside the webview;
In the app, you listen for permissionrequest events on the <webview> element:
webview.addEventListener('permissionrequest', function(e) {
if ( e.permission === 'geolocation' ) {
e.request.allow();
} else {
console.log('Denied permission '+e.permission+' requested by webview');
e.request.deny();
}
});
One thing to note is that the request doesn't need to be handled immediately. You can do whatever you need to do before allowing or denying, as long as you call preventDefault in the permissionrequest event and keep the event object from being garbage collected. This is useful if you need to do any async operation, like going to a storage to check if the URL requesting a permission should be allowed or not.
For example:
webview.addEventListener('permissionrequest', function(e) {
if ( e.permission === 'geolocation' ) {
// Calling e.preventDefault() is necessary to delay the response.
// If the default is not prevented then the default action is to
// deny the permission request.
e.preventDefault();
setTimeout(function() { decidePermission(e); }, 0);
}
});
var decidePermission = function(e) {
if (e.url == 'http://www.google.com') {
e.request.allow();
}
// Calling e.request.deny() explicitly is not absolutely necessary because
// the request object is managed by the Javascript garbage collector.
// Once collected, the request will automatically be denied.
// If you wish to deny immediately call e.request.deny();
}
Also note that your app needs to also request the respective permission:
"permissions": ["geolocation"],
The webview sample has more code for other permissions, like pointerLock and media capture.
A bit more detail:
The response does not need to be made immediately as long as you preventDefault(). The default action is to deny the permission request.
webview.addEventListener('permissionrequest', function(e) {
if ( e.permission === 'geolocation' ) {
// Calling e.preventDefault() is necessary to delay the response.
// If the default is not prevented then the default action is to
// deny the permission request.
e.preventDefault();
setTimeout(function() { decidePermission(e); }, 0);
}
});
var decidePermission = function(e) {
if (e.url == 'http://www.google.com') {
e.request.allow();
}
// Calling e.request.deny() explicitly is not absolutely necessary because
// the request object is managed by the Javascript garbage collector.
// Once collected, the request will automatically be denied.
// If you wish to deny immediately call e.request.deny();
}