I have a school project to do which requires us to develop an online voting website. how do i ensure one user has voted once only?
the website is supposed to be in booths in public places which means i cannot use ip addresses or cookies. i was planning to use fb login id or maybe some other email id but i cannot find relevant codes/links. i just want people to go through the procedure of entering the log in id but not go to fb directly.
my website cannot be published online.
could you please suggest how i can achieve this? it is a bit urgent, thank you!
Related
Allow me to better explain: the company I work for work alongside holiday camps etc and want to add a link into the booking confirmation email which will take them through to a web page (which can only be accessed through the unique link) to sign up to our service.
What we need is to be able to have an automatically generated link within the email which can then be used to access the page and stop any random person signing up that happens to have a link.
Any info or suggestions would be welcome, even a jumping off point to research further would be fantastic- cheers!
We are building a SaaS solution which runs on SaaS.com for example. Our software should be white label for our resellers and their costumers. The costumers of our resellers are stored in an specific database witch is different for each reseller.
The reseller creates a button on his website [Login] which sends the customer resellerID.my.saas.com Our software gets the resellerID and selects the corresponding branding and database. This all works fine in an development environment at the moment.
We have only 1 thing which we need to solve and that is the url what the customer of the reseller sees in his browser. This is (after logging in) my.saas.com
We want that the customer of the reseller sees the domain of the reseller after they are redirected to our link (resellerid.my.saas.com), for example my.reseller.com
I googled a lot and asked our and 3th party developers how to solve this. Till now the only solution we found is using an iframe which has not our preference. This becouse this is not optimal for mobile views? and is out dated, isn't it?
I also tried to solve this with dns which i couldn't get done.
Is there any way to achieve what we want and when yes, how can we implement?
Hope on usefull responds becouse this part is verry crusial for our business.
Thanks in advance, Rogé
I'm developing a client jabberd application for mobile(android) using (a)Smack.
Since, in my application, the users are registered by their phone numbers, the application should be able to recognize which contact has a jabber account on the server and suggest him/her for chatting.
After googlling the web I found that there is a jabber user directory (JUD) which I can use to check there is an account for a specific mobile number or not. (I'm using UserSearchManager).
My questions:
1- It seems that there is no record in JUD for a user who has not updated his vCard yet, so I cannot find him. Is there any solution to check the existence of this kind of users?
2- It seems that by using JUD, everyone outside of my application can fetch some important information of users such as mobile numbers, emails, etc. Is there any solution to limit JUD search engine? (for example, getting only "user field" as a input and returning only "full name field" of existing accounts or other useful limitation).
So by this way, I can recognize which person from the contact list has an account on the server and also other people cannot fetch important information of the exiting users.
Any command or advice is appreciated. Thank you.
I do not think it is possible as default, without customizing ejabberd application code.
I'm about to use one of those multi-provider authentication frameworks Opauth or Hybridauth (don't know which is the best but I had a little preference for the second one) so the consequence is that I have to manage multi account.
In fact I already have my own account management (login+password+email) and I had last year facebook users. Now I will have to deal with Twitter account, linkedin account, etc...
So the question is easy : how to manage the username ?
For instance, John create a account on my site. So "John" login/username is taken. But if another John from Facebook then another one from Twitter arrive, what i'm supposed to do ?
In Stackoverflow (or elsewhere), what is the practice ?
I don't want a John write on the behalf of another John. Today with my own system, I verify that the login (username) is unique. If not I reject the user. But now ?
I thought that I can check the email but... I learnt that email address can't be the key because of Twitter that doesn't give it to you.
Hope I'm clear enough :)
regards
As you say it's not possible to just retrieve the username from different sources and just store it. I don't know how it is done here in stackoverflow but if you try to register the name is optional so probably it is not an unique key. I can't see the way to login with twitter here so I bet that email is a unique key.
I'll try to answer your question but I've only used facebook API so maybe this can't be done with others. I suppose that each API gives you something you can store in your database and use it later to identify your user against their API.
If you allow users to register with facebook (or gmail, twitter...)then you can use the next approaches (I'm sure there are few more):
They always login with facebook (or twitter, gmail...): you store a record for them inside your database with the key provided by the API and other useful info you can collect. As you said each API gives you different things so you have to think in advance what you really need to provide your users with a good experience: is their name needed? age? If you need more data than the provided by the API you should jump to the next approach or prefetch it and make it editable before. Here you don't ask your user for a password so they can only login with facebook not with a login form, if a user tries to authenticate with facebook (or twitter, gmail) again you know which key you have to look for and authenticate your use.
The can create an account and link it with facebook (or whatever): you ask for facebook permission and then prefill a form for them to provide the data that is missing (password, mail if they use twitter...) and then create the record storing the unique key provided by the API as well to proceed exactly as step 1 if they use their facebook accounts to login. If you asked for a password and an email they can use a standard login form as well.
You can use the first approach and ask the user to change the attribute that is in conflict with other user (name in your case) or even ask to fill what is missing depending on which social network they are using to sign in. You can use name+surname as username to reduce the colission possibility if this is what you want to store to identify your user.
Hope this helps
HybridAuth gives you an excellent way to integrate your site with the social media...
http://hybridauth.sourceforge.net/
This should also help...
I hope this is allowed but I have a number of questions regarding Facebook Connect, I'm quite unsure on how I should approach implementing it.
I am working on a live music type service and currently have user registration, etc. If I were to implement Facebook Connect alongside this, would I still be able to email the Facebook Connect users as if they were on my database?
Also, would it instead be possible to let users who have Facebook "link" their accounts once registered so I am able to give them the benefits of sharing via Facebook and inviting friends while still having an actual registered user on my system.
I have tried to read up answers to the above questions but what I've found is quite ambiguous.
Thanks, look forward to your views.
Facebook's documentation process is very poor, so don't feel bad about having a hard time getting started. Their wiki-style approach to documentation without any real official documents tends to leave the "process flow" tough to grasp, and requires piecing together parts of a bunch of randomly scattered docs.
Facebook has an obligation to protect privacy, so they never make a user's actual email address available to application developers, through Connect or normal applications. They do have a proxied email system in place that you can use, however, you must get explicit permission from a user in order to email them. There's a decent document on proxied email here. You can get permission by prompting for it; there's several methods for doing so linked in that document.
In regards to linking Facebook and local accounts, this would definitely be the way to go. Once a Connect user logs in, you want to store that fact for that user so you can provide the Facebook-specific functionality. I would simply create a normal user account in the database for every new Connect user that came by, with it's own local id, so that you don't have to do special handling of two different types of user accounts all over the site. That being said, the account would obviously have to be marked as a Facebook user's account (I use an externalId column in my users table), and any part of the site that relied on information you might otherwise have locally would have to handle the Facebook aspect properly (such as using proxied email instead of normal email).
For existing users, you could arrange an "account link" by having a process whereby they log into FB Connect after they've logged into the site already, and you could detect that and simply add their FB id to your users table. After that, they could log in through Connect in the future, or through your normal process. I've never done this, but it should be possible.
If you write the account handling code generically enough, your site will be able to function well no matter what kind of user you throw at it.