I create a Sign up and sign in form. and i want user id from getting personal data. It starts with a login screen with personal email and password fields after authentication it moves to profile page and show respective profile. like this user image , name, email id, address. My storyboard Flow is Sign up> Login> View Profile.
values stored in server database and login properly. but can't fetch personal details.
I think i am not explaining properly please try to understand and help me.
Related
What I want to achieve
Save login credentials (email and password) on Keychain/Keystore.
Fill login form when a user selects corresponding login info from Keychain/Keystore just like attached with some hints shown above keyboard. Example behavior from https://stackoverflow.com/questions/67582718/save-login-info-to-apple-keychain-in-flutter
Being able to delete the credentials from Keychain/Keystore directly when a user wants to.
What I have tried
I have been successful saving and fetching email and password using flutter_secure_storage, but I cannot locate where they are on Keychain. I want to set domain or app bundle id or something to let Keychain/Keystore know that the credentials are for this app, but I cannot find such settings on flutter_secure_storage.
I am working on flutter app using Google Fit API to get information about users activity.
I used flutter plugins fit_kit or health to get the needful.
App is working. I created client ID. I went thru verification process and its basically ready for prime time. I have however one concern. When you launch the app its trying to get permission for the scope:
./auth/fitness.activity.read
First modal dialog leading to actual consent screen is asking me about sharing email, name and profile picture.
I don't have place in the code asking for access to google account's email, picture or name. Can this message be removed or altered to reflect actual situation?
You cannot change that message, it comes by default while choosing the Gmail account, however, after choosing the E-mail you should get something like below which says what data you are getting from that user
As a workaround you can show a popup saying you need permission to access the steps data before asking the permission to choose the preferred Email, upon getting the permission from the user you can show the consent screen.
I'd like to offer our users a Facebook login option. But I'm not sure how to identify existing users (without a stored Facebook ID).
From the docs:
https://developers.facebook.com/docs/facebook-login/multiple-providers#addingfacebook
After a successful login using Facebook, you will have the person's
email address, Facebook ID, and access token. Your app should search
for an existing account that has been created with that same email
address. If one exists, you should merge the two accounts and add
the Facebook info to the existing account - as recommended above.
That doesn't sound like a secure approach to me. What would prevent someone from creating a new Facebook account with a fake email address that matches a user account in my app and then use my Facebook login option? (Obviously, this will not work if the user already owns a Facebook account)
Your concern...
That doesn't sound like a secure approach to me. What would prevent someone from creating a new Facebook account with a fake email address that matches a user account in my app and then use my Facebook login option? (Obviously, this will not work if the user already owns a Facebook account)
TL;DR
Facebook Registration process
Go to facebook.com/reg.
Enter the name you go by in everyday life.
Enter your email or mobile phone number.
So...
Facebook needs your email or phone number, that means there's no way someone can use another account's email or phone number to sign up again.
My advice to you is...
You have two or more authentication methods - 1 manual (email & pass) | the rest (social login).
You already have users, so when users login using OAuth and a matching email or phone number is found, you ask permission to link their Facebook account to your app or site account with a matching credential.
At this point you should authenticate the persons identity one last time, by having them enter the password for their account on your app or site.
Now you can safely assume this person is who they say they are and store their info in your DB.
I'm creating a website that people can send sms from my website, I want to implement facebook login to my website and any one who logs in to my website using his facebook account and doesn't have an account in my website i want to create one for him. as he should later enter his phone number and verify the number and without having an account in my website its not possible. now the problem is if I use his facebook username to create the account it might cause duplicate name (as someone else might have got that username).
I will of course combine the information of the existing accounts when someone uses facebook login which have already account in my website. this is not a problem.
what would you suggest?
thanks in advance.
Dont use the Facebook user name as the userName column of your users database. You can get many other unique information from a Facebook user, like e-mail or facebook ID. Use them to "connect" between the information from your database details and the info you receive from Facebook.
For example:
When signing up to your website, one of the fields you can ask is the facebook login e-mail. Thats how a user would have the option to login to your website by Facebook, without any connection between his facebook user name and your user name.
In your user details table, just add a facebookEmail column, then, after you implement the Facebook Login API and a user login, check to see if his e-mail (from facebook) is in your table.
now the problem is if I use his facebook username to create the account it might cause duplicate name (as someone else might have got that username).
Well, then either build in a check if the user name is still free and if not prompt the user to enter a different one; or
automatically chose a different user name, f.e. by using a counter – if the user name from Facebook is foobar and this is already taken, then check if foobar1 is available, etc.
If creating it automatically, maybe you want to give the user the possibility to change it afterwards.
I have successfully completed implementing Gmail openid into my website (asp.net),in which once the user make a successful login onto his/her gmail account, he/she is reverted back to my page.But i am not able to figure out how to access the data(data like their first name ,last name and city ) ,once the user comes to my aspx. page.
Plz help
What you probably want is oauth, not openid. More information on oauth and how to use google data Apis at http://code.google.com/apis/gdata.