i have one xib and that xib i put on username, password, and one button is login
and in the tabbar i have one tab bar which name is registration if i tab the registration it will go to server bec i have given the server path bec all form are create in ther to take user information which means username, password firstname and lastname this is on registration form
and now if the user submit this form on server
then i have to show pop message which show that u are now register after that
the login page should show which i show in xib in first line in there i have to fetch the data that data which the user created there username and password in server
this all fetch should hapen within the same time when the user submit the registertion form after that the login page should work but one condition is there suppose if the network is availble then the username and password should cheak wheather the same username and password are have or not on web server if the network is not there then which the user put ther username and password for login it should be match with the database table from local by using sqlite database in iphone
please help me friend in this how can i do this on same regitration and fetch the data with json and save in database localy
Touch up inside of your Login button can send a Async/Sync request to the server with entered user name and password. If you use Async then implement the NSURLdelegate methods.
Parse the response using NSXML parser
Once authenticated save the response in local database
Check the response for cases when network is not available and based on that take action in the handler for login button press.
Related
We have a PHP/MySQL based User Management System and are integrating it with Keycloak version 16 where we will store users credentials.
Our application does not allow users to self register. We create user accounts on the system. When we do this we do NOT specify a password because we want users to set up their own password.
The current system sends 2 separate emails in 2 different circumstances regarding passwords:
If it's a completely new user who does NOT have an existing password, we send them a link to set up a password.
If it's an existing user who already has a password, the system allows them to reset it, e.g. if they forget their password and can't login.
Keycloak seems to cater for scenario (2) because the login forms have a forgotten password link which opens a form where the user can enter their email address and receive a link which lets them do (2).
Unfortunately it doesn't deal with scenario (1) very well and that's where our problem starts. This has been asked a while ago Send password forgotten mail but it seems that Keycloak didn't support this very well in 2020 and perhaps still doesn't now.
Our "workaround" to this was that we added custom email templates and a custom page (reference: Themes on https://www.keycloak.org/docs/latest/server_development/#emails) which includes wording that caters for both scenarios, e.g. "set your password" rather than "reset your (existing) password". The result of this is that our email and form now reads appropriately for both scenarios (1) and (2).
The problem
We want to be able to send a link to the user that allows them to set their initial password to cover scenario (1).
We know that this page exists because on the login page for Keycloak there is a link to the forgotten password form that handles scenario (2). However, the form requires the user to enter their email address and submit the form. The user then receives an email from Keycloak which contains a URL to the page where they can do this. The URL has the following format:
https://example.com/auth/realms/foo/login-actions/action-token?key=...
The key= contains a ~945 character token. Going to the URL above redirects to the form where the user can reset their password. This next URL does not contain a token but a cookie has been set in the browser - by the previous URL - which makes it functional:
https://example.com/auth/realms/foo/login-actions/required-action?execution=UPDATE_PASSWORD
We can't send either of these URLs to the user because the first one (containing key=) has no API method for us to find out what it is - it's only possible to generate this by going through the "forgotten password" step during login, in the browser.
The second URL (/login-actions/required-action...) won't work either because it relies on the previous URL (containing key=) setting the cookie in the browser. If you try and go to this second URL directly (i.e. bypassing the first URL) it will error.
So neither of these URLs will work because we can't find what the first one is programmatically, and we can't use the second one without knowing the first one.
I found https://lists.jboss.org/pipermail/keycloak-user/2018-October/015910.html and the suggestion is using the Keycloak API to trigger a password reset email. This works - sending an HTTP PUT request containing 'UPDATE_PASSWORD' along with the relevant user ID sends the user an email. The request endpoint has the format PUT /{realm}/users/{id}/execute-actions-email which is documented on the link above.
Up to here all is fine - the user gets an email. However, this email does NOT contain a link that goes directly to the "reset password" page! Instead it sends them an email containing the following text:
Your administrator has just requested that you update your account by performing the following action(s): Update Password. Click on the link below to start this process.
Link to account update
When the user clicks "Link to account update" it then shows them a web page like this:
It is only when they click on the link on this page (the one that says "click here to proceed" on the screenshot) that they arrive at the form where they can reset their password.
This is a really poor user experience because the user gets sent a (badly worded) email with a link to... a page with another link! It should just take them to the password reset page directly. What's more frustrating is the fact that Keycloak is clearly capable of generating/sending the exact email we'd like in this scenario: the one which gets sent when a user manually does a password reset via their browser.
So the problem seems that Keycloak's API doesn't support this incredibly important and common use-case of a user being able to set an initial password, in a user-friendly manner.
I am adding the js script in the template to automatically click "click here to proceed". It's ugly but at least the user doesn't see the page
I am facing an issue with Keycloak:
When user clicks on Forget password button, he is asked to enter basic details. Once details are entered, the user receives a mail with link to change his password. User Changes his password, and is redirected to Login page of the application.
Users account gets locked. Admin uses application to unlock the account. User gets email, clicks on link, and generates new password. User now sees a message : Your account is successfully updated.
What I want to do is that the second flow should work in same way as the first one. i.e when user has given new password, he'd be redirected to login page.
Can someone guide me about how to proceed with this?
Difference I've noticed in two flows is the URL that I receive in both of them is different.
First flow, I get this in mail: http://[keycloak-host]/auth/realms/[realm]/login-actions/reset-credentials?code=[code]
Second flow, I get this URL: http://[keycloak-host]/auth/realms/[realm]/login-actions/execute-actions?key=[key]
I am using a custom Parse server hosted on Heroku.
My overall goal is for a unique PFUser to be created through someone clicking a button or a activation link in an email.
I have figured out how to send emails using Send Grid, however I have no idea how to make a custom button or link in the email that will execute some unique code.
My ideal work flow is:
User inputs unique username and password then clicks sign up
An email is sent to the users email with a button or a link
Once they click the button or link, somehow unique code is executed which signs up a new PFUser using the username and password that the user originally inputed.
I know how to do the first two steps, but have no idea how to execute the unique code from an email.
How is executing unique code from an email usually done? I have read something about tokens being used?
Could someone please outline for me how this process works and where I can go to learn all about executing unique code from emails?
Thanks, I appreciate all the help!
Code is never executed from email because it is a severe security risk.
To implement something like you're describing, you would send an email to the new user with a unique link to a web page like http://yoursite.com/confirmation/?id=some_unique_id_like_a_UUID
Then on you write the web page (at http://yoursite.com/confirmation/) to read that id value and then do the action that "signs up a new PFUser using the username and password that the user originally inputed."
I've successfully Integrated my application with QuickBook Online. I successfully implemented DirectConnectToIntuit, SigninWithIntuit, Disconnect scenario and Test according to https://developer.intuit.com/docs/#api/deki/files/3143/recipe_for_review_success.pdf. I have a situation with DirectConnectToIntuit, SigninWithIntuit for multiple user. Consider the SigninWithIntuit scenerio:
When a first user comes, they click SigninWithIntuit in my application, add their username and password, authorize by Intuit and comeback in my site. As the user is new and his email address is not in my database, I show him the account creation form. When this user submits the form after filling it in then I the create database entry, create the user etc, then login and show ConnectToQuickBook button(G. in the above doc). Everything is OK up to now.
When another user is created in the same QuickBooks online company, then this new user clicks on SignInWithIntuit in my application, and they come back to my app after authorization. For this user, I will not show the account Creation form, I just create this new user and assign as a user of the previous created company, login and show the ConnectToIntuit button. But how can I determine the company of the user? I don't have an access token or access token secret yet to do that.
It is answered here (Intuit's live community) -
https://intuitdeveloper.lc.intuit.com/questions/1188167-signinwithintuit-with-multiple-user-of-the-same-quickbook-company?jump_to=answer_2643393
I am creating user registration page with email activation link in Laravel 5.1.
I send activation link to entered correct email address. How to find activation
link is click from correct email address where I send mail
To give you an idea how this could work:
When user registers generate a per user unique token for the new user (e.g. 60be22f4-e849-4676-b64b-c3493e8709e0)
Save this unique token in your database along with the user name and password
Send this unique token along with your activation email (e.g. as a link: http://my-domain.com/user/confirm/60be22f4-e849-4676-b64b-c3493e8709e0)
When a user clicks this link search for the unique id in your user table and mark this user as active/confirmed.
There's a pretty simple way of doing this:
Store a 'secret' for each user in your database, this should be generated on the first creation and shouldn't change for the life of the user in the system. Secret could be a simple string like 'ajchdu8'
Set up an activation route that contains the user ID and their 'activation signature' like so http://yourdomain.com/activate/{user_id}/{signature}
Create a mechanism for generating and comparing those signatures and use the secret for each user as a way of making user only that user can activate their account (or who ever you give the URL to anyways)
The signature is basically just a hash of things that we know about the user but doesn't change in the database so it could just be a hash of user id and their secret then by providing the user id in the link you can look up in the database the user by the id to get their secret and any other details you require to verify the signature.