I have an app with a local login system. What I am trying to do is allow the user to connect their facebook account to their account. I am using Zend Auth for my main local login and a facebook auth by Michael Krotscheck.
I can connect with facebook fine but because I am using Zend_Auth the facebook data is over writing the main local login storage. All I need is the users email and facebook id and insert them into my users table.
The code below shows how it all works, I do not know another alternative than using Zend Auth for the facebook login. Anybody had the same issues? Advice would be very helpful.
$auth = Zend_Auth::getInstance();
$adapter = $this->_getFacebookAdapter();
$result = $auth->authenticate($adapter);
if ($result->isValid()) {
$toStore = array('identity' => $auth->getIdentity());
// for facebook
$msgs = $result->getMessages();
$toStore['properties'] = (array) $msgs['user'];
$toStore['provider'] = "facebook";
$auth->getStorage()->write($toStore);
$this->_helper->FlashMessenger('Successful authentication');
//return $this->_redirect('/index/index');
// Check if the User is in our dB
//$users = new My_Model_Users();
//$userTrue = $users->checkUserExists($userId,$providerName);
Zend_Debug::dump($toStore);
Zend_Debug::dump($this->_helper->user());
} else {
$this->_helper->FlashMessenger('Failed authentication');
$this->_helper->FlashMessenger($result->getMessages());
//return $this->_redirect('/index/index');
}
J
After more trawling stackoverflow I found a solution.
Multiple Instances (2) of Zend_Auth
Basically created my own Auth class and removed the singleton pattern in Zend_Auth, this allowed me to create another instance.
J
Related
for my facebook quiz app I need to collect the facebookID of
each participating user. My app is in an iframe of another App.
The "facebook-files" I put in the third party folder.
In my controller I invoke it like so:
$this->ci->load->file(APPPATH.'/third_party/facebook.php');
// Connect to Facebook API
$this->facebook = new Facebook(array('appId' => $this->config->item('appkey'), 'secret' => $this->config->item('appsecret')));
It seems not possible to get the facebookID from a participant.
If try the this:
try {
$user_id = $this->facebook->api('/me');
//$signed_request = $_REQUEST["signed_request"];
//$user_id = $signed_request['user_id'];
//print_r( $user_id) ;
} catch ( FacebookApiException $e ) {
error_log( $e );
$user_id = 100;
}
the $user_id is 100.
Can you get me start how to retrieve the right facebookid ?
What would be the right way? Authentication process ?
Thanks in advance!
Ansgar
to get the Facebook ID with PHP you need to use the method $fb->getUser() : https://developers.facebook.com/docs/reference/php/facebook-getUser/
Although, for this to work, the user need to connect into your app. This can be achieve in multiple way, but if you only do it with PHP you can use the getLoginUrl method to get the URL where the user will be asked to accept to login with your app (https://developers.facebook.com/docs/reference/php/facebook-getLoginUrl/). This is also achievable with JS SDK (which is my personal preferred way)
All documentation on Login Dialog can be found here: https://developers.facebook.com/docs/opengraph/authentication/
The key concept here is that the user is anonymous until you ask them to connect in your app.
My website allows users to upload videos to MY youtube account. To connect my aplication to Google (youtube) I used the component ClientLogin like this:
//my credentials
$user = 'mymail#gmail.com';
$pass = 'mypass';
$service = 'youtube';
$developerKey = 'mydevkey';
//create the http client
$httpClient = Zend_Gdata_ClientLogin::getHttpClient($user, $pass, $service, null,
Zend_Gdata_ClientLogin::DEFAULT_SOURCE,null,null,
Zend_Gdata_ClientLogin::CLIENTLOGIN_URI,'GOOGLE');
$httpClient->setHeaders('X-GData-Key', 'key='. $developerKey);
//create the instances
$youTubeService = new Zend_Gdata_YouTube($httpClient);
$newVideoEntry = new Zend_Gdata_YouTube_VideoEntry();
$newVideoEntry->setVideoTitle("test video");
$newVideoEntry->setVideoDescription("just testing");
$newVideoEntry->setVideoCategory("Music");
$newVideoEntry->setVideoTags('test, api');
//call the API to get the upload url and token
$tokenHandlerUrl = 'https://gdata.youtube.com/action/GetUploadToken';
try {
$tokenArray = $youTubeService->getFormUploadToken($newVideoEntry, $tokenHandlerUrl);
} catch (Exception $e) {
}
$tokenValue = $tokenArray['token'];
$postUrl = $tokenArray['url'];
But now ClientLogin is deprecated :S, and I need to use oAuth 2... but have been reading the documentation and it says nothing about connecting using my apps credential (not the user's credentials). Is there a way to reproduce this code but using oAuth?
Theoretically, the way to do this with OAuth2 is with a service account:
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
Once the account is set up in your API console, it then allows for server-to-server interactions. Unfortunately, the Youtube API doesn't yet support service accounts:
https://code.google.com/p/google-api-php-client/wiki/OAuth2#Service_Accounts
Hopefully this support will come soon (at the very least before ClientLogin goes away!)
hi i am connecting to facebook using the following code it work fine for my two account one is gmail and another one is yahoo but it is only working on that accounts not log in on the other accounts of the gmail,yahoo,hotmail i check every acccount that i have every time onautherror come why ? what i am doing wrong is my code is wrong can any one tell me plz
Jid jidUser = new Jid(txtBoxUserName.Text);
xmppCon.ConnectServer = jidUser.Server;
xmppCon.Username = jidUser.User;
xmppCon.Server = "chat.facebook.com";
xmppCon.Port = 5222;
xmppCon.Password = txtBoxPassword.Text;
xmppCon.AutoResolveConnectServer = true;
xmppCon.Open();
Facebook doesn't allow the username/password XMPP authentication anymore.
You can only login using the X_FACEBOOK_PLATFORM SASL mechanism.
See:
http://developers.facebook.com/blog/post/2011/09/09/platform-updates--operation-developer-love/
So for Facebook use X_FACEBOOK_PLATFORM SASL auth in agsXMPP and it will work fine.
I have the situtation like , Admin should login as User from Admin End. I have user email address which is username for my site.
I am using following code in login page.
...
$users = new Default_Model_DbTable_Users();
$auth = Zend_Auth::getInstance();
$auth = Zend_Auth::getInstance();
$authAdapter = new Zend_Auth_Adapter_DbTable($users->getAdapter(),'customers');
$authAdapter->setIdentityColumn('email')->setCredentialColumn('password');
$authAdapter->setIdentity($username)->setCredential(base64_encode($password));
$authAdapter->getDbSelect()->where('status = 1');
$result = $auth->authenticate($authAdapter);
.....
Now I have to use only email address to login. I can check whether ADMIN do the user login from admin end. Is it possible to login using email address ?. Kindly advice on this
If you would like to allow admin to log in as any user from the admin panel, you don't have to use Zend_Auth::authenticate() to check any credentials against the database. All you really need to do is set up the identity like you do for a normal user login.
From admin you might do something like this:
$user = getUserInfoFromDatabase(); // get the user object used for Zend_Auth identity
$auth = Zend_Auth::getInstance()->getStorage()->write($user);
// redirect admin to user frontend
The only important thing is that whatever you write() to the storage, must be the EXACT same object/data you write to storage from your user login code.
It doesn't matter how the data gets there, as long as it is what your application requires to check identity.
Since your admin has already been authenticated and has permission to access a user account, you don't need to use Zend_Auth::authenticate() to validate the user email/password, you can skip that step and simply assign the identity for the admin directly to the session.
You may need to use separate session namespaces for admin and users if you are not already.
Hope that helps, let me know if I can clarify anything. The part where you set the identity is probably short after $result = $auth->authenticate($authAdapter); in your code, probably inside if ($result == true)
I want to implement facebook connect on my site. I have used the oauth api to obtain a permissions request for the app.
However, I am having the following problem.
If a user signs into my site for the first time using facebook connect, i need to create a new username / password for him (on my site) to be able to surf my site and have all the session variables set. However, what should i use as the username / password ?
I understand that a facebook user can change his email address.
How do i handle users who are logging in using facebook connect for the second or third time (who are already members of my site) ? I need not create a user for them on my site as its already created when he logged in for the first time. Do i check for email address to see if the facebook user's email address exists in the database ? Also, comes the same problem that a facebook user can change his email address.
What is the one thing that does not change for a facebook user that i can use for his username ? Also, what do i use for his password ? Also, i understand that if i use username/password from available app data, then using normal mechanism a user can login to my site too. How do i prevent this security hole ?
Please help.
I use the information that facebook send in the callback (facebook unique user id or normal id)and then check if the user is on my database, if not i insert him but i leaving blank the othe rstuff like password or user email (also you can request that info too check the line 418 in the php api and add "'req_perms' => 'email',")because i can retrive that data when they connect again and then set the sessions like allways.
if the users change teh email just check that on every login and update the data.
example:
$facebook = new Facebook(array(
'appId' => 'xxxxxxxxx',
'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
'cookie' => true,
));
$session = $facebook->getSession();
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
// login or logout url will be needed depending on current user state.
if ($me) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
if ($me) {
if (!isset($_SESSION["usr_id"])){
$_SESSION["usr_id"] =$me['id'];
$_SESSION["usr_name"]=$me['name'];
// or do your sql verification and then set the sessions
}
}
/////////////////////////////////////////////
Facebook offers user's unique ID. You can recognize user with this information.