I have tried front page setting to show only enrolled course .but even this shows not enrolled course.show only enrolled course in moodle when user is logged in moodle site.
You will have to set from the theme that when the users sign in, they are redirected to yoursite.com/moodlesitename/my/
Related
I wonder what kind of workflow other people have had when logging in with facebook.
I have an app that requires signup. People can also signup by logging in via facebook. That part has been integrated.
However, when a user signs in with facebook (which means: facebook page open and requires login), my workflow
takes the user to a screen where he needs to create a username (as having a username is required).
After the user picked up a username, then I create this new user, save the facebook token and generate a password.
Now, automatically, the user will be logged in in my app.
Next time the user opens the app, in background, I will login the user taking the email (which originally was fetched from facebook) and the password, which are stored in local storage.
But what if the user logs out or delete the app and reinstall it? I have seen that this happens some times. In that case, the workflow (if the user clicks on facebook login on my app) will take the user again to facebook. And after he logs in in facebook, he will come back to my screen where he can choose a username. This is bad. Because I already created an account for the user with the email binded to that facebook account.
Of course, I can understand that this user that logs in via facebook already has an account. But what can I do? Can I just login him in background? Are there any security implications (yeah, my app is not that sensitive, but I would prefer to use best practice).
Yes, if the user already logged in once, the expected behavior is to be logged in again on future visits to the app. If the user passed the Facebook login, you can safely assume that it is the same user imho.
I have a web app that has its own user registration, with a handful of users. The only mandatory fields are email, password and username, which must be unique. In the long run, I will still want to have our own registration system.
I would like to integrate Facebook, but I'm trying to figure out if I should integrate Facebook Registration or Facebook Login. I have these questions:
I've already started integrating Facebook Login and it works well. With this, not only can I enable Facebook users to login, but I can get all the information I need to register the user, if he is signing in for the first time via Facebook and has not registered via our site yet. I do not prompt the user for a password, to simplify the registration, however this means that if the user tries to sign in directly into our site, I tell the user that he must sign in via Facebook Login. Therefore, I question the need for Facebook Registration, which seems to be more complicated to integrate than Facebook Login. Can anyone tell me why I should integrate Facebook Registration instead?
The drawback I see with integrating Facebook Login or Facebook Registration into our existing user registration, is the username. I currently copy the user's Facebook username into our database. However, there is the possibility that the user's Facebook username is missing or is a duplicate of an username from one of our existing users, in which case I will have to prompt the user to change it. Then what happens if in the future, the user changes his username on Facebook? Should I change the user's username on our site when he logs in next via Facebook? What is best practices here? Am I correct to assume that if I don't bother changing the user's username on our site, it won't be an issue?
Then there is the possibility that the user's Facebook username is not valid by our requirements. Currently, we require the username to be alphanumeric and underscores only, using this reg expression: /^[\w]*$/ However, Facebook allows periods, but not consecutive special characters and possibly other criteria that I did not detect. This means that I should use the same validity check as Facebook uses. Does anyone know Facebook's reg expression for their usernames?
I am able to show the Facebook user's profile photo with an IMG tag and src= http://graph.facebook.com/facebook.id/picture. Does anyone know how to save the photo onto our server? We use Javascript and PHP.
Thanks for your help!
Hey I'll try to address your points 1 by 1
Facebook Login is merely a means to sign a user in to your site by them connecting via Facebook, as you state, they don't have a password as Facebook handles the auth. However you could redirect them to a specific page after using facebook login and get them to enter a password to use their account without being connected to facebook. The facebook registration plugin is more a tool to get users to register on your registration system (although it does support being your only registration system). It provides convenience by pre-populating a number of fields you might commonly ask for such as name etc. if a user is already logged in to Facebook. You can customise though to ask for additional info. It also means you can supply 1 registration form for your users whether or not they use facebook.
The facebook username should not be missing. Their 'name' field should be the users first and last name which I believe they have to supply. I don't think it can be empty. What I would actually suggest doing, is what I mentioned in point 1. Allow users to connect via facebook, but then prompt them to enter a username either as part of the login flow or after. You can then check this for uniqueness against your current database. To begin with you could assign them a username that is first_last_timestamp or something similar. This would more likely encourage them to change their username to something they want. If you used the registration plugin, you could easily enter your own "username" field into this. Then it doesn't matter if the user changes their name on facebook as they would still have a unique username to your site.
Facebook's usernames should just be a users first and last name (though obviously people do enter random things). The 'name' field is an combination of these so there will most likely be a space between them. You could always replace any invalid characters using your own regex, replace whitespace with underscores etc.
I'm not sure if there are any platform policies that would restrict you from saving the users picture to your own server/DB. What I would ask though is why you would want to? In my experience this is more likely to change then their name is. As such groups of friends using your site are probably more likely to recognise the profile pic that their friends use on facebook.
I would finally say, that the best bit about connecting their Facebook account either way means you can provide a smooth login experience so that a user doesn't have to sign in everytime. My own personal experience is that facebook login (with your own integration code on the success page) is better than the registration plugin. There are fewer steps for a user to connect to your app this way and they don't have to fill out a form. The success callback also means you can still perform the custom username code/flow I mentioned above and then prompt them to change their username if they desire. Just remember it is best to ask for as little info as possible at sign-up as users are more likely to join this way.
Hope this helps!
I'm creating a website that people can send sms from my website, I want to implement facebook login to my website and any one who logs in to my website using his facebook account and doesn't have an account in my website i want to create one for him. as he should later enter his phone number and verify the number and without having an account in my website its not possible. now the problem is if I use his facebook username to create the account it might cause duplicate name (as someone else might have got that username).
I will of course combine the information of the existing accounts when someone uses facebook login which have already account in my website. this is not a problem.
what would you suggest?
thanks in advance.
Dont use the Facebook user name as the userName column of your users database. You can get many other unique information from a Facebook user, like e-mail or facebook ID. Use them to "connect" between the information from your database details and the info you receive from Facebook.
For example:
When signing up to your website, one of the fields you can ask is the facebook login e-mail. Thats how a user would have the option to login to your website by Facebook, without any connection between his facebook user name and your user name.
In your user details table, just add a facebookEmail column, then, after you implement the Facebook Login API and a user login, check to see if his e-mail (from facebook) is in your table.
now the problem is if I use his facebook username to create the account it might cause duplicate name (as someone else might have got that username).
Well, then either build in a check if the user name is still free and if not prompt the user to enter a different one; or
automatically chose a different user name, f.e. by using a counter – if the user name from Facebook is foobar and this is already taken, then check if foobar1 is available, etc.
If creating it automatically, maybe you want to give the user the possibility to change it afterwards.
Here is a scenario to explain my question:
Lets say the app is a simple "suggestion box." The company installs the app and adds it to their facebook page. Then a user sees it and decides to leave a suggestion.
Once they click on the app, the app will ask to be authorized. Once they authorize it, I have no trouble sending their FB username to my server.
But how can I capture the user id of the company on whose page they first clicked on the app before they installed it?
I want the app to capture both the username of the person who is authorizing it, and the username of the person on whose page he click on the app.
Some users may install the app from the app center directly, in which case this field may be blank, but every time someone clicks on the app on someone's facebook page, I need both pieces of information to go to the server.
Any ideas?
You'll be able to find this information in the signed_request passed to your application. It contains a page parameter that contains information about the page that the application is installed on. If the page exists, then the user is accessing your application from a page tab, if not, it would be safe to assume that the user is interacting with the application on its canvas url - https://apps.facebook.com/yourAppNamespace
Facebook Signed Requests -
A signed_request parameter is used by Facebook to pass data to an application in a number of different scenarios...
I'm using the Facebook Graph Toolkit and developing ASP.NET website.
I want to create and design a website that has registration that will use a Facebook account as an alternative to my website login/registration.
I am thinking of just storing the Facebook User ID who has approved the use of the FB app in order to identify the user for next time when he/she logs in to my website using his Facebook account.
Scenario here is:
Any browser, user already logged in to his Facebook account (say browser Tab no.1).
Same browser, Tab no.2, user visits my website (he has already registered to my website using his Facebook account, as I store his Facebook ID).
Upon his visit to my website home page, the top corner will display his account name (this indicates that he has logged in to my website even though he has only logged in to Facebook, but never visited my website and clicked on the Login button).
So my question is, how to achieve the scenario of step no.3?
It's quite easy but you need to do some research first. Research will better help you to understand each and every point.
Go to the Facebook Developers API Reference and do some reading.