I'm developing an iPhone app that will need a login system in order for users to post content to a server. I'd really like to use facebook connect for this as it's a very community driven app. Is it possible for me to securely authenticate with the web server without the user having to create a username and password specifically for my app?
One idea I've had is using my app's FBConnect secret key as a password for an HTTPS connection? The app would be able to tell if a user is logged in, and only connect to the server if so. This would also stop any other connections from hackers etc I assume?
Although not just restricted to Facebook, Janrain provide a great solution to login from various openid methods including facebook connect. I believe there is a free product for non-commercial use. There is a demo iPhone app on the app store to show you how it works etc.
http://www.janrain.com/products/engage
Why not just use the Facebook iOS SDK?
Related
I would like to know how the official Twitter Mobile Application (android/IOS) is able to connect a user without approving the application ?
Do they use their own REST API with OAuth but wich one ?
https://dev.twitter.com/docs/auth/obtaining-access-tokens
Do they use a special master key ?
Isn't it a security threat ?
They appear to use OAuth interface just like any other app. If you go to the twitter settings page, where you can revoke OAuth tokens, I see the mobile twitter applications there (iPhone, iPad, IOS integration) and they can be revoked.
How do I make my facebook connect app unlisted? I don't want people to be able to search facebook for an app and find my facebook connect app. But I don't want to use sandbox mode as anybody that comes to my site needs to be able to use the facebook connect app.
Thanks,
Brendan
I'd like to build a web application which allow iPhone users to save a short memo as a todo list on the web server. The user must logon on Facebook on the iPhone before submitting a memo.
On the server side, how can I tell whether the iPhone user has logon on Facebook or not?
In a native app, FBConnect can be used to establish trust between the app and Facebook. (FBConnect calls an fbDidLogin delegate method).
It's up to you to establish trust between your iPhone app and your web service, but once you have, the app can report the FB login state along with it's requests.
Assuming you're just building a web application, I don't understand why it would be different then building a normal web application that uses fbconnect and graph api. You just happen to design it to fit a mobile browser. There's a section on authentication.
I'm designing an iPhone/android app which needs user to login using his/her facebook account.
The app uses GAE (Google App Engine) as the background server, so the problem now is that I don't know how GAE, iPhone and Facebook authentication works.
My guess is user login FB from iPhone and will get an access_token, and then the iphone app sends the access_token to GAE so that GAE can recognize the user.
Is that correct? Or is there any tutorial about how to cooperate between these platforms?
Thanks!
Take a look at the LeanEngine open source project. It was designed to do exactly what you are trying to do - login from a mobile device to GAE with Facebook or OpenID account (and sync data between the client and GAE).
It consists of a preprogrammed GAE application and libraries for Android and iOS and if you are satisfied with the built-in functionality you really do not need to do any modifications to the server part. You can just use it as it is.
I am building a Web site and iPhone app right now. My site and app requires registration.
I have received xAuth permission from Twitter and was going to use this for the iPhone app so that users can connect their Twitter account.
Once they connect their Twitter account, if they log in to the Web, is it possible to make it so their account is still connected?
On the other hand, I am using OAuth verification on the Web. If someone connects their Twitter account on the Web using OAuth, will they still be connected if logging onto the iPhone app?
So basically, I need to make:
User connects account on iPhone app (xAuth) -> User logs in to Web site and is still connected and can post to Twitter from both
User connects on Web (OAuth) -> User logs in to iPhone app and is still connected and can post to Twitter from both
You can do this --- basically once you do the OAuth based login it generate unique Token, so after this data reading is done using Token.
Once you get Token (it can be in Phone/web) use this details between each other so that both of your application can do the rest of operation for the same user without further login.