i want to impelment the same technique as stik.com has, if a user is logged into facebook they automatically fetch the user information without any approval, they just relaod the website.
How to do that?
refer to: https://developers.facebook.com/docs/reference/javascript/
you can get the user information, "session user" using one of the sdk's, javascript provided above. NOTE: you will still need to request atleast basic permission from the user to get the current users name, id etc;
refer to: https://developers.facebook.com/docs/guides/web/ for guide to integration.
Related
I'm using socialoauth (http://code.google.com/p/socialoauth/) to implement twitter & facebook logins for a web site. The site is php and mysql based.
I've got logins implemented and working, but I need to get the users screen name or email so that I can store their preferences about my site in a mysql database. I'm not sure how to go about getting their information once I've got the oauth_token and oauth_secret. I couldn't find any documentation or examples using socialoauth, aside from getting the logins working.
I downloaded twitteroauth (https://github.com/abraham/twitteroauth), and mismashed that together with socialoauth.php via this tutorial (http://net.tutsplus.com/tutorials/php/how-to-authenticate-users-with-twitter-oauth/) and was able to get the twitter user's information, but I would prefer to use only socialoauth.php because it does logins for both facebook and twitter.
Specific question: does anyone know which functions in socialoauth are used to get the user's information (hopefully for both twitter and facebook)? I'm very new to this, so it's possible I saw the function I needed while I was looking through the code, and simply didn't recognize it as what I needed.
Twitter does not provide access to users email addresses. The users Twitter screen_name should be returned in the same request you get their access token however.
With Facebook you have to ask for the email permission and then their email address should be accessible with the profile details.
I'm trying to implement facebook connect to my website, and i have couple questions.
1: Is it possible to register user in my website using his current facebook email/password.
Let's say user clicks on link Register via facebook and then he have to give me permisions to access his password, email, etc... and after that is done i put that info in my own database and he will be able to login with that account any time he wants without needing to give me permisions any time in the future.
2: If that kind of registration is not possible, what's other solution would be the best for me? Because i need to somehow keep track of that user who logged in with facebook, because he can upload photos, send messages etc.
Anyways, i'm quite new with facebook and similar things, so i'm really lost here, hope some one can help me :)
EDIT Thank you all for wonderful answers it helped me a lot, now all that's left is to read documentation :)
Yes it is, it is possible to get the information of the user. But it is rather complicated, when you have never dealt with it.
First you need to send the user to the following link:
https://m.facebook.com/dialog/oauth?client_id=your-client-id&redirect_uri=xxx&scope=listof-information-you-want
Facebook will then return your client to the uri specified, if the user rejected it will give a reason. If it is not you will get an code in urlencoded format.
This code is needed for the following step, the request of the access token:
https://graph.facebook.com/oauth/access_token?redirect_uri=xxx&client_id=xxx&client_secret=xxx&code=xxxx
This will give back an access token, if the authorization didn't fail.
After that you can ask for the information you want:
https://graph.facebook.com/me?method=GET&metadata=true&format=json&access_token=access_token
This will include a facebook uid, which is unique for all users. Store it and you can discern between a register and login.
This is roughly the process for any oauth2 application.
Facebook will not ask repeatedly for permissions after the user granted them to you. So you can store the access token and reuse it for backend stuff and also use the same procedure you use for register for login.
You can never access the user's password from Facebook even with his/her permission, so the user will always have to authenticate via Facebook and have Facebook pass you the user id of the logged in user once authentication succeeds. You can store all kinds of other data locally, but not enough to authenticate the user yourself.
Once the user is authenticated, you'll have access to the user's Facebook user id via the API, which should be enough to connect all kinds of information to that specific user.
Facebook does not provide access to accounts when passwords are taken from your controls. It provides it own canvas for login information. Therefore you cannot use your first approach to store passwords in your databases. Check this out.
You can however store email addresses once user logins into his account using the facebook sdks. Check this out link for the example of C# SDK sample code.
You can use the Facebook APIs to fetch user email-id, photos, friendslist and other information and then play around accordingly.
You don't get access to the users password - only email if you ask for it.
Best way would be to have a table of users and their Facebook account id's.
If you want to allow users to sign up without Facebook then have a nullable field for their password and facebook id, and also have a field for username - which you could populate from Facebook if they register via that route.
I'm new to all this. This is what i'm after and i'm sure it's possible.
I've got a script where people can register/login in to as members. What i'd like to do is tie it in so that it just uses Facebook users details for the registrations. I've managed to set it up to sign up and and complete a registration using a user's name and email.
What i'd like to do now is automatically log the user in if they're logged in on facebook, is this possible or will they need to click a login button that then takes them to their page? If they need to click a button to login, how do I go about getting the button to take their facebook details and log them in? Also what happens in regards to passwords on my site? Is that stored in the app somehow?
Ideally i'd like to use the popup version of verification rather than the iframe that i've got set up at the moment.
Cheers in advanced for any help for a n00b!
This is in fact possible. Although I for my part was never a fan of such things here's some human-readable (simplified) theory:
Facebook uses a system called OAuth ( http://de.wikipedia.org/wiki/OAuth ). That means, when you want to have the user login onto your site using Facebook you'll of course need to provide a button/facebook-login-frame (see documentation) that says "Log me in with Facebook" or so. You then access Facebooks API (more here: https://developers.facebook.com/ ) and basically tell Facebook who you are ("Hi I'm website XY"). While that happens your user is redirected to Facebooks "permission-landing-page". On that page he needs to confirm whether he is fine with your website accessing certain information (like his name). If he confirms your website receives an access-token granting you access to a subset of his user information which you can then use to personalize his expeirence on your website.
Check out facebooks documentation because they explain exactly your usecase in detail.
(here: https://developers.facebook.com/docs/authentication/ )
PS: You'll of course never have any access to his Facebook login/password. That's kind of the idea behind "delegating" the authentication via OAuth to Facebook. Facebook only provides you with an access token (bound to that particular user who logged in and granted your app/website permissions)
I've been trying to figure out a way to have my iframe Facebook app (built in PHP) work without requiring separate authentication methods. I am already logged into Facebook, but for some reason I still see all these Oauth notices from the example in the PHP SDK.
The only data I need is publicly available even without them "adding" my app. I am looking to collect their Facebook ID (since this is a contest, we need a unique ID for tracking), their name and (optionally) their email address as well.
The problem is, I cannot use the API to fetch the public information unless I already know their Facebook username. Any ideas on how I might be able to get their logged-in username or public handle so I can then fetch the rest of the information?
For whatever reason, Oauth is driving me completely insane with Facebook today.
Sidenote:
I did manage to technically get the Javascript SDK operational, which fed some information to PHP for use. The only issue there is that once I login, I don't see the data. If I refresh...then it shows up. Unsure why the refresh is required, as I wouldn't expect a user to actually have to hit refresh in order to proceed with the app.
I guess you are a bit confused here, Facebook will NOT share the username, id, full name or email without the user explicitly authorizing/allowing your application (and in the case of the email, requesting the email permission!).
Read the official Canvas Tutorial for more information:
In order to gain access to all the user information available to your
app by default (like the user's Facebook ID), the user must authorize
your app.
Having read the Facebook connect documentation I'm unable to determine what information I will have.
I realise I will have the Profile photo & Proxy email and access to a friends mechanism. I'm reasonably sure I will have access to First name and surname. Will I have access to things like Age?
EDIT: This isn't a Facebook APP, I'm using Facebook connect. RE: bobcat's response, can you still use Users.getInfo?
Once a facebook user has okayed your app, you can use the API including Users.getInfo which gives you the users birthday.
update As far as I can tell from the docs, when a user uses facebook connect to authenticate on a website, then the website can do anything that a facebook app could, with a few restrictions.
For some reason this post still came up when searching for something similar with Facebook login information, despite how old the post is.
Facebook is now using the term "FB.login" which was known as "Login with Facebook". It provides you with information that you request, whether that be an email and birthday, to profile information of their name and address, etc.
I found this link that will tell you the permissions you can request using FB.login here:
https://developers.facebook.com/docs/facebook-login/permissions/v2.0
There are plenty of options for requesting information and posting on their behalf.
I was searching for the access token information to keep the connection while registering or signing in. That information I found at the bottom of the next section of their documentation, found here:
https://developers.facebook.com/docs/facebook-login/access-tokens/