I need to learn how to implement login into a website but I've heard that I shouldn't make a custom script unless I really know what I'm doing.
A better alternative I've hard is to just use Facebook login. I've looked over the docs but I'm still confused on something. I want to store additional information about the user (not just their facebook profile information) and I need to use that information to generate unique pages when they're logged in.
I am also wondering if the additional information I save about them will be just as secure as their facebook information or if it will be more vunerable.
If someone could guide me in the right direction with direct answers or useful articles I would very much appreciate it.
Read through the docs for login with Facebook and try out the sample code provided. That will give you a clear idea how to integrate Facebook login in your website.
In order to integrate login with Facebook you will first require an app id which is quite simple to create. Once you have the FB app id, you can integrate the login bit. Once the user successfully logs in, you should get back an app-scoped user id and as suggested by Lix use that as the primary key. Also, after user logs in, you can may be present a form where you collect additional data and save that against the user id in the database.
Regarding the security of the information, it really depends how and where you store it.
Related
I have a task to add links to a web page to enable the user to post a short message to Facebook. There may be multiple messages on the page, each with its own link. The intent is to launch a Facebook share dialog pre-populated with the text of the message which the user can then modify, accept and/or reject.
I'm pretty new to programming anything for Facebook. I'm fairly confused and am not sure what to ask first, so I'll go with a very basic question: what's the simplest way to do this? I gather from Facebook's documentation that I probably have to use the Javascript SDK and/or the Open Graph technology. Is this correct, or is there another option I'm missing? Is there a really clear example of this kind of solution anywhere?
Thanks!
You have to create a facebook app first so you have your app_id and app_secret.
After that you need to request permissions to the user to publish_actions. If the user accepts, you'll receive a token (you need to store it in db). If you need to publish actions in a user page instead of his own page, you also need the manage_pages permission.
You need to read the facebook graph api documentation to understand how all this works.
The access token you receive expires after certain time. So, when you receive it, you can ask for a long lived token. The page tokens doesn't expire.
Facebook evaluates your app before approving it to be in production. They ask a couple of questions about how you'll use the user's token and data. You might have to put pictures of the flow too.
As far as I know, Facebook won't allow you to send pre populated messages to the user's wall. They user has to write it.
Hope it helped a bit!
I want to create an iPhone app that displays (among other things) a specific Facebook wall. For a good user experience I didn't want an app that required the user to have a Facebook account and I didn't want to force the user to have to log in to Facebook to see the latest "news" in the app. I started out by getting the wall RSS feed and tried parsing it ... I can "see" all the data I need ... but that is getting complicated quickly and has too many variables that are making the final results less than stellar. I have read through the Facebook iOS programming tutorials and it seems to me like the SDK forces the user log in, which I don't like.
My question ... Is there a way to use the Facebook SDK with hard coded profile credentials to access a specific wall without forcing the user to login? If possible, is that a recommended approach? Any other ways to skin this cat?
I have read through the Facebook tutorial and searched through many postings on this site but haven't found an answer to this ... sorry if this a newbie question and has already been answered.
Item I.2. of the Facebook API policy list says
You must not include functionality that proxies, requests or collects
Facebook usernames or passwords.
It sounds to me like that's what you're proposing to do; i.e., the user will be able to see a certain wall, but using hard coded credentials (not their own). In other words, your credentials are proxying for the user.
I do not know if it is technically possible to do this (I imagine it is) but I don't think it's a good idea, and I do think it's a violation of the Facebook API terms of service.
First you need to get the a access_token by parsing your app id and secret.
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET
Then send following request to get the data you want. Note that only public data will be accessible.
https://graph.facebook.com/FACEBOOK_USER_ID/?access_token=ACCESS_TOKEN
I need the following, any help would be much appreciated.
I Have a registration form.
It inputs the data Name | ID | DOB | TWITTER | FBID
When the user registers it asks for the above values.
Twitter is easy as users can just put in their Twitter ID.
But I Need to get the users Facebook ID in the form.
What would be the best way to do this?
Could i use the 'Connect To Facebook" Feature.
All i need is the Facebook user ID so that i can use it when retiring graph data later on.
I have set up a Facebook Application and am using PHP with a MySQL database.
Thanks
Alex
Well, they have specific APIs for different functions. In your case none of their simple solutions work. You will probably need to use Facebook's Graph API. You should take a look in their PHP SDK. It is a very useful tool. I used it once and it worked perfectly.
You will need to know much, before you get the users is. Also if you want to make that automatically, they will have to be logged in and they will have to confirm access to their personal data from your facebook app.
Good luck!
For any user data you wll need to get permission from user.
You can use Facebook connect.
Make the user log in and get access token, this access token is the key to all user data.
You can use this access token with graph API also.
Check my blog.
I'm linking my app to Facebook, and would like people to log in with their Facebook account, but I can't figure out how to do this. I had read up on Facebook Connect, but it seems that that's not used any more - but every tutorial I can find seems to refer to it. When I try to follow them, it doesn't work, because the interface has changed.
So, can anyone direct me to a tutorial or guide to doing this the new way?
Basically, what I want to do is this:
A user who is signed into Facebook and comes to my webpage is automatically logged in to my app (with the usual Facebook 'granting permission' windows etc), or can sign in with their Facebook account if they're not already logged in.
I then want to use Facebook to link users with their friends who are also registered on my site, so they can share things.
I would also like to have access to Facebook comments made on wall posts from my site - so the comment stream for a particular post can be seen on my site as well as on Facebook, and comments can be made on either.
If anyone can point me in the right direction (or even tell me what I should be typing in to Google!) I'd be very grateful.
Thanks.
Some sample apps that do many of the things you speak of are shown here. The Graph API is probably your best bet right now for delivering the content and access you need and there are numerous tutorials online for how to use it, including the Facebook Developers site itself.
You will find good Tuts on ThinkDiff, e.g.
http://thinkdiff.net/facebook/new-javascript-sdk-oauth-2-0-based-fbconnect-tutorial/
http://thinkdiff.net/facebook/php-sdk-3-0-graph-api-base-facebook-connect-tutorial/
http://thinkdiff.net/facebook/graph-api-iframe-base-facebook-application-development-php-sdk-3-0/
I know this is an older question, but the current method for authentication is OAuth 2.0.
Facebook provides a pretty good outline of what steps are necessary in this Reference:
https://developers.facebook.com/docs/authentication/client-side/
This example allows the authentication to occur entirely in Javascript on the client side so that you can request a potential user to authenticate via Facebook and then confirm access to your application.
If the user is already logged in, only the access confirmation for your application is performed.
If the user is already logged in and access has already been granted, the user is not required to login, or reconfirm access.
I've done a little searching and was wondering if there is a way to link a users account in our web app with their social media accounts they choose to link (facebook, twitter, etc). i.e. when they log into our web app they are auto logged into facebook, twitter, etc?
I see facebook has an api to login to our web app using their facebook book account but I want it to work the other way around, I want them logged into facebook when they log into their account via our web app.
Thanks,
Ryan
It is definitely possible-from your question I assume you would like to pull data and make actions on behalf of a user? If so, you will need the offline_access permission as well as all the other permissions you will need (check out the list here to see exactly which ones you require). Then, you can trigger a script on your server that tell facebook as soon as the user is logged in to your site, to log in your application as the user as well.
NOTE: You might be going about this in the wrong way. I would advise that you specify a bit more details on what exactly you need the user to be logged in for, and I can (probably) provide you with a decent answer.
EDIT: In response to your question in the comment, Ryan, here is my answer:
You need to divide this problem into 2 different situations-one: your company wants you to write all the code from scratch and don't use what facebook has to offer, in which case you should create a custom login script that enables your users to use their facebook account as the Actual user account in your web app. This is the best solution in my opinion, and is supported by the ever-so-awesome Jeff Atwood. Here's a link to how to do just this, and a tutorial about this also.
Or your company is comfortable with using Facebook's Social Plugins.
Then you should focus on Like Button & Comments : These social plugins are the best way to enable people to create social experiences if they're already logged in.