I'm still new to CI and PyroCMS, and am trying to implement a Facebook login using the Social module in a custom module, which looks like it does everything I want, but I'm clearly missing some basics (I can't find any documentation other than the brief readme)!
So far, I've watched the intro video, and have enabled Facebook successfully. I can connect via FB and see FB listed in /social/linked, but some confusion exists in my mind between the two user groups I've got: admin and user.
The flow I'm trying to construct is:
user arrives at the site and is presented with a survey
user fills in the survey, then is asked to signup (I understand that this is unconventional)
/signup has a facebook connect button, supplied by the social module
user clicks the connect button, and grants permission in facebook's popup window
user should be directed back to /signup, (or maybe redirected to /user/registration) with some details filled in from facebook (eg. email, name)
on submit, user should be added to the users table, as a member of the 'users' group (not admin) with no email activation required
an email is sent, thanks page is displayed
on returning to the site, the user should access their on-site profile using facebook connect.
I've read a bunch of threads on the subject, which have shaped these expectations...
Here's where I'm at:
user arrives, fills in survey, clicks the connect button
user is redirected to the homepage, which displays a standard page (not handled by my module). I need to return to /signup!
Based on this, I've tried setting:
$this->session->set_userdata('redirect_to', '/signup');
in what I believe is the correct controller method (checks to see if the user is logged in before sending the email, then calls template build to display the social buttons), to no avail.
(edit: I now see that the code above relates to the user module, not the social module.. maybe i can transplant some changes...)
My questions:
am i on the right track, or going about this the wrong way?!
am i right in thinking that the FB account will be matched with an existing user if the email addresss exists in the system?
I have only one FB account, which I is authorised for the app, and I'm using to connect with as a user - will this work, or do I need a separate FB account to test as user?
Other notes:
I am testing the site in Chrome, logged in as admin in Firefox.
Facebook is my testcase, I'm looking at supporting FB, LinkedIn, google and Twitter eventually.
Phew! Grateful for any feedback, Tim
I will try to answer some of your questions since i'm currently experimenting with the exact same social module as well and with some addons to it.
am i right in thinking that the FB account will be matched with an
existing user if the email addresss exists in the system?
Yes you are. I checked it myself while troubleshooting the fact that my google (gmail address) could'nt connect while my hotmail (registered email) could. You will have to sync your emails in all your social sites, change the loginsystem (allowing username login for example) or manually connect multiple emails in your account settings..
I have only one FB account, which I is authorised for the app, and I'm using to connect with as a user - will this work, or do I need a separate FB account to test as user?
I suggest u let someone with another FB account test the system (better save then sorry) but in my case I didn't have any troubles using other (normal) accounts to log in.
am i on the right track, or going about this the wrong way?!
This was your first question, but I'll answer this as the last on since I didn't test is myself:
The Facebook App has a setting called "Site URL". This is the url to which will be redirected. Simply change it to the page you wish it to be. You can also try to change the following lines in social/controllers/social.php:
Line 245 (redirect: user is logged in after FB connect)
redirect($this->input->get('success_url') ? $this->input->get('success_url') : 'social/linked');
Line 283 (redirect: user has to fill in some additional fields to complete registration)
redirect('users/register');
Good luck!
The intro video shows off the entire extent of the social module. Frontend registrations, frontend user account linking, and backend account linking for the entire system.
If you wish to integrate custom functionality, custom user flows and other stuff as listed in your question then you will need to do a little custom work with the module. Hack it, extend it, send in some pull requests, whatever, but sadly it cannot do "everything to integrate with everywhere ever" out of the box. :-/
Related
When you're trying to apply for Facebook Permissions for your application, you may encounter some permissions that requires App Review. In my case, I need to use the Facebook Login for Business Accounts, so I need to apply for Facebook's App Review.
In order to make an App Review for Facebook, you will need to provide step-by-steps videos and guides for Facebook testers to test for themselves. However, it does requires a Test User to do this.
A Test User can have a Test Page linked to it, and a Test Page is capable to link an Instagram Account created using this Test User. However, for some reason, I'm not able to convert this created Instagram Account as a Business Instagram Account using the Test User. I tried to link it using my application flow, but the "Convert to Business Profile" button does nothing, and if I try to do this in the Facebook Test Page account, the form that ask for Contact Information always throws a message "An Error Ocurred".
So, I'm unable to create an Instagram Business for testing and also not allowed to provide a real account because they don't allow this, as they explicitly says (Which I can agree with):
Note: Do not provide your personal Facebook account credentials.
As I'm unable to find a way around this, and I can't see to find any answer on the internet... I wonder if somebody could help with this one.
So, it seems it's just a Facebook bug (Just as one I was experiencing before this one, where after updating a Test Account permissions, the permissions were still not working properly) where the Test Account seems to be kind of locked in a state were you can basically do nothing more with it than what you have already done... So I end up creating a new Test Account and doing the same process, but this time it worked.
I had the same problem, and to fix it, I had to follow these steps :
Create a Facebook test user for your app.
Once the user has been created, click the three dots at the right, then edit its password, choose something that you will remember.
login as this test user.
Edit the user parameters and set its email address as main/default contact address (you need to type in the password of the user). It seems, by default, test user do not have default contact and this is required to login with instagram.
Now go to instagram.com, and create a new account using "login with facebook"
Fill in the name, password (you need to remember it), and userid.
Send the form, and you will get some error telling you to retry later. Ignore it, your account should actually be created.
Now switch to the instagram mobile app (web interface might not work, I was stuck in a redirect loop) so you can login to instagram using the email address of the facebook test user account (the one you used in point 4) and the IG password (you typed in point 6).
Hope it helps anyone stuck in this hell like I was for 2 days.
We have a simple app that summarizes the total number of mentions your instagram account gets using the IG-User/tags endpoint on the graph api (https://developers.facebook.com/docs/instagram-api/reference/user/tags/)
The pre-requisite of the app is the user has their fb account linked to their IG - Business or IG - Creator account.
Unfortunately every time we've submitted it for review so far it has come back with the same comment from FB:
"Although we were able to login to your app using the Facebook Login authentication, we were unable to test the steps to connect an Instagram business account. As a result, you'll need to implement an integration flow for an end user to connect their Instagram business account(s)"
Now as I understand it there is no way I can get the user to link their IG account to FB or to a FB page using the API. The "link account" action is purely handled using the Instagram app. Or am I missing something here.
Well after 3 weeks of back and forth with multiple seemingly segmented facebook support teams I have been able to get this permission from them.
Turns out that there's an unexplained flow here:
This is verbatim from the information I received from their chat support (but is not found anywhere in the documentation)
"You have needed to provide Test Users on your App Dashboard, grant the test user the Instagram_manage_comments permission and then provide us with the login details. We would then link that to an internal Instagram Business Account."(sic)
The part where they link an internal business account to the test user happens on their end and outside the scope of the app. I confirmed this and even then I failed the review multiple times because apparently the steps to approve IG business permissions have not been standardized yet and sometimes the approver simply doesn't know what needs to be done. It's a strange state of affairs and the answer it seems is to just keep pushing.
I'm having the same problem and looking forward to see some comments to your post since the first day. But I started to think it will never come.
I believe they want a new user to start with minimum permissions (which is the email permission) and add other permission only as they are needed. This requires a mechanism in your app that guide a new user logged in with only email permission to give other permissions (e.g. taping a button that opens up user’s IG business account needs instagram_basic and manage_pages permissions. Or taping “post comment” button needs manage_comments permission.) So your app should open up a window that the user can give permissions when any of these events fires. (or when user decides to take permission(s) back)
This is what I understand from “steps to connect an Instagram business account”.
But I am not sure if my understanding is correct. I would definitely like to hear if you found any solutions.
I'm also having the same problem as you as I'm developing similar service to IGBlade (https://igblade.com) & Social Blade (https://socialblade.com).
I'm beginning the wonder if I should change my app review request so that I would inform Facebook that the permissions my app is requesting work serverside and therefore there's no need to implement an integration flow for an end user to connect their Instagram business account(s) to my app.
Any thoughts?
Here is what I have done to get the approval
Create a Facebook test user with correct permissions
Log in with this user
Create a Facebook Page
Edit settings on Facebook Page and add Instagram Business account (personal one)
Submit Facebook review with both credentials (Facebook test user + personal Instagram user).
Wait for review and do not forget to change your personal Instagram user password after the review.
Update: It appears that when there's no API or token, software seems to simply ask the user for their account credentials, and probably has to store this information. I guess it can't be a huge security risk, since people are willing to share this information with apps like Mint:
So, my conclusion is that it is OK to ask users for credentials to other services if they can be secured safely and the user desires the service provided.
Many, many apps use others apps such as Facebook in order to get data from it, usually to verify the user is real and to get relevant profile data (e.g. a dating app would want age, gender, etc.).
When using such an app, I do not have to enter in my Facebook credentials. The app simply opens up my Facebook/asks for permission to access it, and voila it's done.
There seems to be a lot of documentation for well known companies like Facebook, Twitter, and PayPal on how to do this.
But how is it done for an arbitrary website that requires a user/profile, e.g. this website: http://ae.com/web/index.jsp
Unsurprisingly, if I google for FaceBook, there's a heap of resources, and even it's own dedicated tag (https://developers.facebook.com/docs/facebook-login/access-tokens).
However, if I start googling for American Eagle, e.g. "https://www.google.com/search?client=safari&rls=en&q=american+eagle+access+token&ie=UTF-8&oe=UTF-8", I get nothing relevant at all.
If I understand your question right, that you want to enable facebook login for your website,
you still need to create a facebook app. then use the access tokens in your website. so when user clicks on login with facebook, the app will be asking for permissions and finally you will get the access token and you can use that in your site to log in.
I'm new to all this. This is what i'm after and i'm sure it's possible.
I've got a script where people can register/login in to as members. What i'd like to do is tie it in so that it just uses Facebook users details for the registrations. I've managed to set it up to sign up and and complete a registration using a user's name and email.
What i'd like to do now is automatically log the user in if they're logged in on facebook, is this possible or will they need to click a login button that then takes them to their page? If they need to click a button to login, how do I go about getting the button to take their facebook details and log them in? Also what happens in regards to passwords on my site? Is that stored in the app somehow?
Ideally i'd like to use the popup version of verification rather than the iframe that i've got set up at the moment.
Cheers in advanced for any help for a n00b!
This is in fact possible. Although I for my part was never a fan of such things here's some human-readable (simplified) theory:
Facebook uses a system called OAuth ( http://de.wikipedia.org/wiki/OAuth ). That means, when you want to have the user login onto your site using Facebook you'll of course need to provide a button/facebook-login-frame (see documentation) that says "Log me in with Facebook" or so. You then access Facebooks API (more here: https://developers.facebook.com/ ) and basically tell Facebook who you are ("Hi I'm website XY"). While that happens your user is redirected to Facebooks "permission-landing-page". On that page he needs to confirm whether he is fine with your website accessing certain information (like his name). If he confirms your website receives an access-token granting you access to a subset of his user information which you can then use to personalize his expeirence on your website.
Check out facebooks documentation because they explain exactly your usecase in detail.
(here: https://developers.facebook.com/docs/authentication/ )
PS: You'll of course never have any access to his Facebook login/password. That's kind of the idea behind "delegating" the authentication via OAuth to Facebook. Facebook only provides you with an access token (bound to that particular user who logged in and granted your app/website permissions)
I'm developing a website where the user can either sign up creating his own profile or can sign in with FB or Twitter.
The thing is I don't really know how to manage it, for example: let's say my user signs up through the website and creates content, what happens if the user later decides to sign in with FB or Twitter? How can I keep it all unified?
I know I could just do the Twitter sign in, get the data from twitter and create a profile in my DB for the user with his Twitter handle, don't know how I'd deal with later if he wants to just log in through the site.
Anyone have any ideas?
So he later signs in with Twitter or Facebook. I think you have a couple of options in this case. Allow the ability to link accounts together once the user signs in with any one method. Say they sign in with your sites registration, let them hit a page where they can add in other linked accounts like Twitter and Facebook once they are in their logged in state on your site. See the friendfeed model for inspiration. Or, like we did with ucubd.com/index.aspx - let the user sign in with facebook and regsister an account on their behalf and ask for their email as the login credential. If it's found - great. If it's not ask for a password. This will allow the user to either login with your sites registration method or through facebook. You will have the information in your database to link both of them together.
Every account on your system will have an e-mail address. Every account with FB, Google, Twitter is also linked to an e-mail address. What you will need to do is link the accounts based on e-mail address. That way you will never get duplicate accounts.