How to synchronise with facebook that username & password are valid or not? - iphone

I am creating an application in which I am trying to add facebook account in app. What I wish to do is when user enter his/her username and password my application should call some facebook api or any other thing by which it will confirm that the user credentials are correct for facebook.
Then the API will return some message by which I can add account or give an alert that credentials are not right.

it is not possible to login using the username/password directly to the api.
use facebook connect instead.

Related

Using Facebook and Google Authentication

In my Angular2 app I am using Google, Facebook, Twitter and Github authentication. Twitter works fine. The problem is with Facebook and Google.
Facebook:
When I enter my username and password for Facebook login, it says App Not Set Up: This app is still in development mode, and you don't have access to it. Switch to a registered test user or ask an app admin for permissions. whereas while using twitter, the page which should show up on logging in appears.
Google:
When I am not logged in to any of the mail ids the Google authentication works fine. But if I am already logged in to any of my mail ids, then the authentication system takes that mail id itself and logs in to the app. Is there any way to make it such that the system asks which mail id I want to use, even when I am logged in through one id?
Any help would be greatly appreciated. Thanks.
You can force prompt with Google by setting custom parameters. This will give the user the option to switch accounts:
var provider = new firebase.auth.GoogleAuthProvider();
provider.setCustomParameters({prompt: 'select_account'});
firebase.auth().signInWithPopup(provider);

Customized facebook login page

Can we customize facebook login/authentication page?
I want to use my own customized pop up for receiving 'Email' and 'Password' input from user so that it is consistent with the GUI of my application. Is there a facebook API to which I can pass the Email/Password details received from user?
Looking at https://developers.facebook.com/docs/reference/api/user/#permissions you cannot "create" new permissions. This has to go through Facebook so they know what permissions have been granted. This ensures that you're not just granting permissions on behalf of a user without them having actively granted them. This therefore stands to reason that you cannot style their page.
Alternatively, you could just make sure users register via an account on your site (You want a password so I assume you don't mean their facebook password) and then ask them to connect their facebook account to it. You would need to ask for their email in your form, get them to login, then connect via facebook and associate their facebook id with their account on your site.

Do I need a password for users who login via Facebook?

I have a website that allows a person to create an account with username/password. Once its created they can login and add their own content. Im now thinking about allowing them to login via their facebook profile, so when they go to my login there will be a button that says login with facebook. Then a window will popup to give permission to my facebook app so I can get their info. Once I do that do I need them to create a password still? Or once they initially give permission for their account I dont need a password, so when they come back to the site they just need to reconnect to their facebook profile? Hope this makes sense.
I would suggest the latter is true, and they don't need a password.
No, you dont need to save any password for facebook login. Facebook login box works great if you have implementes Facebook api correctly.
My buddy did the same thing. He has his setup to create a random password if they login via facebook as a precaution if they want to later login not via facebook but via their email or username then they have to recover the password.

Multi login using Facebook, Twitter, and internal login issue

I am creating an app in which you can login via Facebook, Twitter, or our own internal mechanism. The issue is the following scenario:
I open the app and login using Facebook
I logout
I open the app and login using Twitter
The above scenario will result in me as a user having two accounts in the system. How do I prevent this from happening so that I have one account and it doesn't matter whether I login using Facebook/Twitter?
Every time a user login using Facebook I am as well creating an internal account, with the Facebook username and Facebook id as password. The same thing when I login using Twitter I am creating an internal account with the Twitter user name and id as password.
An idea came in my mind to solve this:
When a user logs in using Twitter check the name and email if a user with that information already exists in the database. However, the name and email they use in both Facebook and Twitter might not be the same, so this might not work all the time.
You can't make this work with your current flow (when the user logs in then logs out again). Instead you should allow a user to login with either their Facebook or Twitter credentials and then, whilst they're still logged in, get them to associate their account with their other service with that user.
So, the flow would be something like:
New user arrives at site User logs in with Facebooks oauth2
mechanism
Your server receives their FB ID and generates a new user
in your systems. Stores their FB ID against that user.
You prompt
the user to add their twitter auth credentials. User logs in with
Twitter oauth2 mechanism
Your server receives their twitter ID,
checks to see if a user is currently logged in with your
application. Because there is, you save the twitter ID agains the
current user.
Later, the user can log out and then log in with either service.

Login google account without openID

Can I make a login form on my outside website that would allow users to login to our Google App? Is there an other possibility than using OpenID?
yes you can do that without open id,but for that you must have user-id and password of both ie your website and his/her's google user-id and password.
Then you just have to pass userid and password to google as url and u have to store session.