How to use Amazon Cognito with Facebook Authentication? - facebook

I just started to learn AWS MobileHub and Cognito feature. I have a project which only required sign-in with Facebook.
In generated sample code I can see the process for user login and everything works fine. I am asking for a public_profile facebook permission and I must have access to user's email address. Now I want to store user's email address and retrieve it every time user login.
Do I need to save this data in dynamodb or cognito
I was wondering federated identity is what I need or I need to create a new user pool?
How can I get user's email address. Can I access it through AWS libraries or I must call the user's graph and ask for these information?
Can I save these data in [AWSIdentityManager defaultIdentityManager]
Is there any sample app displaying how to save information comes from facebook.
What I can see now is AWS got the userName and photo and ID from Facebook. But I can not see where these information come from and where they set up. Do I need to create a new pool and add attribute to that pool? Is there any sample app code with more detail regarding Facebook login?

Related

How does facebook token works?

I want to write a process which downloads data about my ads.
Basically this is the code:
https://github.com/airflow-plugins/facebook_ads_plugin/blob/master/hooks/facebook_ads_hook.py
It construct a URI as:
https://graph.facebook.com/v{api_version}/act_{account_id}/insights?{payload}
Where payload contains the access_token, breakdowns, fields etc..
Now, I passed over the facebook dev guide https://developers.facebook.com/docs/graph-api/using-graph-api/ and it doesn't explain how do I get the account_id and the token.
It always leads to a user account that needs to log-in to facebook and then process the request.
I want to build a process that doesn't involve user action. Just download logs about my ads.
How can I do that? Where can I get the account_id and the token.
In other systems like google and other they create a json file with credentials that is used for the outh. there doesn't seem to be equivalent with facebook.
For this type of use case, I would create a System User that is permissioned on all your ad accounts, following this guide. That will allow you to generate a token that can used without user login. (You can do the same for your personal facebook account, but that requires you to pass app verification. This can be done without that.)
Then to get the account ids of all the accounts the system user is permissioned on, query the "me/adaccounts" endpoint, using the access token generated for the system user. The docs for that are here. You can use that to get a list of all the account ids.
Alternatively, if you only need one account id, you can get that straight from the facebook ads manager.

login with facebook or google+

Just curious,
In case I want to make application using API for login(i.e Facebook of Google+)
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
This might be common case, but I have no experience in using API so I have no idea about that.
What user's unique key do I stored in my database? Do my apps have same user's unique key as them(Facebook or google+), or they generate a new unique key for my user when sign in my apps? And what type of data is it?
When you use Google or Facbook signin you really only need to store the information that they return to you.
LoginProvider ProviderKey ProviderDisplayName UserId
_____________________________________________________________________
Facebook 1969950809700159 Facebook 21248583
Google 117200475532672775346 Google 21248582
User Id is the users id from my user table. Where i store there user information my system needs ProviderKey is the users Id on the login providers system.
Do I duplicate user's information into my database or keep accessing user's information from Facebook or Google+? Like do I have to create table for user's name, gender, birthday,etc and register user's information once user login to my apps or straight access it from Facebook or Google+ every time my apps needs it?
You can duplicate some of it when the user creates or links their account to your system but i wouldn't automatically update it without informing the user you are doing so. Some users dont realize how much information you have access to via linking to social media accounts.
Is it really safe for user to using login with API? Can someone using API to get user's email and password, or make post in user's Facebook or Google+ that user don't want to post, or hijack user's account?
I think you are confusing identity for Authentication. Using Oauth2 you request a user to grant you access to see there data though an api this is authorization. If you are using Google+ or facebook signin you are using an identity server and signing in as the user. You should be using signin if you want them to login to your system using their social media accounts. By singing in you are that user. No I dont think they can be hijacked using signin.

How to get the current user id using firebase admin?

I am working on an assistant app for which I am writing a cloud function which must retrieve the current user data from Firebase database by using the user id. I am using firebase admin and I referred the docs for firebase admin where they've mentioned the way of retrieving user data by using user id but they haven't mentioned how to get the current user id.
How do I get the currently signed in user id?
In order to get currently signed user id, you need to enable Account Linking in your AoG app.
In your AoG settings, enable Account linking with authorization code as grant type. Fill your client information and choose scopes.
Now when a user uses your app, it will ask for sign in, and on your AoG backend, you will be able to get authorization code.
Now using that authorization code you can retrieve the required user id and use that for your firebase admin.
You can find more info for Account linking here.

Storing Facebook login using PHP

I'm using the Facebook PHP API to allow logins into my website. I am also allowing people to login/register using a built in form in my software incase they don't want to use their Facebook account.
I have this all working fine, my only issue is how do I attach the Facebook account to their account in my MySQL Database?
So for example Joe Bloggs wants to create an account on my website. Rather than filling in a form, he decides to login via Facebook. He does so. After he logs in via Facebook, it returns him to a page on my website where he can fill in the rest of his account details. It then saves his account and he is free to sue the website.
My issue is after he logs in with Facebook, creates and saves his account in the MySQL Database, how do I link his Facebook account and his account in my database?
When you login with Facebook, it returns a STATE, CODE and I can also retrieve an ACCCESS TOKEN using the API. However every time I login, these codes change. I thought there might be one code returned that I can use to store in the MySQL Database so all I have to do is match one of the codes to the database.
But I can't seem to do this. Am I coming at this all wrong?
Hope I'm making sense.
My issue is after he logs in with Facebook, creates and saves his account in the MySQL Database, how do I link his Facebook account and his account in my database?
Just store facebook user id in your table.
When you login with Facebook, it returns a STATE, CODE and I can also retrieve an ACCCESS TOKEN using the API. However every time I login, these codes change. I thought there might be one code returned that I can use to store in the MySQL Database so all I have to do is match one of the codes to the database.
You don't need to persist them ever. Only facebook user id is the identifier you need to identify user
Store their FaceBook UserID as an optional field in your user table to link their unique FaceBook UserID to a user in your application.
https://developers.facebook.com/docs/reference/php/facebook-getUser/

Login system like Disqus for Twitter and Facebook

How do they manage to get user to login to Twitter / Facebook through Javascript so smoothly?
I am trying to replicate it for the web app. Basically, the user only needs to add a javascript snippet to their site to kickstart but I am clueless as to how to integrate facebook and twitter connect seamlessly.
Do they store access tokens after successfully authenticating a user?
Short answer is yes, they store access tokens after successfully authenticating a user.
After you try facebook and twitter apis, you'll see that, they both returns ids for every user who succesfully logged-in through your application. You can then simply add those ids pairing with the platform they logged in to your database. You can then use that data to track users easily.
You need to
Create applications on both platforms
Have pages for each provider to check if user performed a succesful login
Check if user is a newcomer and add that user to your database if so.
Set a session or cookie variable of user's local id in your own application or do whatever you are normally doing to track if a user logged-in as that user is your local user.