Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am creating a facebook login functionality for my website.
When user login through facebook , then I want to fetch emailId ( which can come with public profile ).
Is it possible ( in any case ) that when I fetch public profile then it does not contain users email Id ?
Thanks
Amit Aggarwal
There are very less chances that you'll get email without asking for its permission as a public info.
You gotta ask for permission email to get one. But still there could be chances (3-4 in 100) that you'll not get email even when user gave you the permission and you can do nothing about that. You can check out this discussion for the reasons: Register with Facebook sometimes doesn't provide email
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
I am making a sign in with username in Firebase. I want to retrieve user email and sign in with email, while the user types username and password.
In other words, get an email from the database which corresponds entered a username.
let username = usernameTextField.text
Database.database().reference().child("members/email")
I cannot go further from this point
Why are you using the username for login? Use email password auth provided by firebase. see this https://firebase.google.com/docs/auth/ios/password-auth
What you are trying to do needs to expose all the username and emails from database to every one which is not a secure solution. Using firebase authentication you have to trade off username for email as username
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 4 years ago.
Improve this question
I am new to Firebase, I am using Swift 4, There are lots of examples to do basic user authentication but I would like to know how I can create users as either admin or with basic access level and I would like to be able to determine when the user is logged in if he is admin or just a basic user?
Any concrete example on github based on KSigWyatt's answer below would be really appreciated.
Thank you
I would recommend that you use Firebase Database and save an attribute (something like isAdmin as a bool flag) for the user permissions.
There's no way to save application specific user attributes within Authentication. The only data that Auth stores are things like email address', social accounts, passwords of the user accounts.
First
Try something like this for your database:
Database/
Users/
UID/ -- Each of these are Unique
id: -Lrye7w8qtrewfr
isAdmin: true
...
...
...
Afterward...
Using ref.observeSingleEvent() once the user is logged in will return the snapshot for the child Document/Table "User" and the second child of the user's UID via Auth.auth().currentUser.uid
Capture the return using the same key as the attribute in the database. ["isAdmin"]
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Let's say my web server calls
Tableau to get a ticket
POST on https://mytableau/trusted with client_ip parameters
to get a ticket number that we use on an IFrame.
Can the user share it with another person to spoof his login to other?
set
wgserver.extended_trusted_ip_checking to true
If the IP address is same then wgserver.extended_trusted_ip_checking is not going to stop userB from using the ticket generated for userA to 'spoof' the login for userA.
That being said, the trusted token is one-time-use only, so as soon as the view is rendered for userA the token becomes useless for userB.
Also there is a time out of 180 seconds after which the ticket expires. (This time can be reduced further by tweaking : vizqlserver.trustedticket.timeout_in_seconds)
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
Say my application has users, and each user is uniquely identified by their email address. In that case, it makes sense to use the natural key of email rather than using an auto incrementing ID as the primary key, which is common in most systems.
Then, in my REST API, would it be okay to access a particular user like this?
https://api.whatever.com/v1/users/john#smith.com
Traditionally, you'd use the user ID in place of john#smith.com, but in my application the email address is the unique identifier for user accounts.
What would you pick? Using email as a natural key in REST URLs or create a user ID field to use instead?
I would use a user id. A person and their email address don't have a 1 to 1 relationship and they don't have the same life cycle, so using one as the identifier for the other is a bad idea.
People may have more than one email. Maybe they don't have an email account (it happens). Maybe they change their email. If you use the email address as the key, you might run into problems later on.
Should be url encoded
https://api.whatever.com/v1/users/john%40smith%2Ecom
Else fetching by id could by faster than by mail, and maybe you want to open the API to another application person, that should get the knowledge of the E-Mail address
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
We have developed a website that allows users to subscribe to a service using their Facebook credentials.
How do we create test Facebook accounts that can be used to execute end-user test cases for this feature?
You can create test users via the Graph API. You shouldn't refer to them as "fake" users because that has some negative connotations; Facebook actively peruses and shut's down fake accounts. I believe what you are talking about though is accounts to test Facebook applications...
The documentation details how to create test users via the api -
https://graph.facebook.com/APP_ID/accounts/test-users?
installed=true
&name=FULL_NAME
&locale=en_US
&permissions=read_stream
&method=post
&access_token=APP_ACCESS_TOKEN
You'll need to substitute all your own data in the request and the response you'll get back should look something like this -
{
"id": "1234...",
"access_token":"1234567..." ,
"login_url":"https://www.facebook.com/platform/test_account..."
"email": "example...#tfbnw.net",
"password": "1234..."
}
You can then use that users credentials to test your applications authentication process and functionality.
In addition to creating test accounts via the api, you can also use the interface within the application's dashboard under the "Roles" section - https://developers.facebook.com/apps/APP_ID/roles
Had the test accounts set up with no problem. Finally found the parameter I was missing to get the accounts to interact with the website properly.
Cheers.