I created a ReactJS web app with a “user profile” page where the logged user can save: name, surname, email and address. For the moment, every time I log-in and save the data a new object is created.
I would like each logged user to be linked to a single ID, namely Auth0 one, so that I can always retrieve and update the row of the right user in my MySQL database.
I tried to look for other similar questions and to see the documentation, but it's my first time with authentication and I haven't found anything specific about Auth0,so I apologize if it’s a trivial question or asked several times .
Related
I have three websites: a.example.com, b.example.com, and c.net. Each was built a couple years after the other and all have their own users table.
I want to integrate these sites together so that I can login with a single username/password combo and have access to all three sites just by clicking links without having to login again.
I've never done an integration like this before, so looking at two angles:
1) Create another website, 'd.net' where new accounts can be created. If you login to one of the original three sites, it asks you for your d.net account. If you dont have one it asks you to make one. In your 'account settings' on d.net, you can 'add sites' to your account by entering your old username and password for them. Sound reasonable?
2) Solving the technical problem of being able to one-click login to another of the three sites if i'm already logged into d.net. Afaik, cookies with a session ID can't be shared across domains. So... maybe generate a token and save it to the database. Send token over GET to another website, which can check the token, log the user in, and then delete the token. Sound about right?
Have you looked at OpenID?
http://en.wikipedia.org/wiki/OpenID
Don't have to re-invent the wheel.
I am trying to findout the user's first time login using asp.net membership (mysql) and depending on that I'm displaying some agreements page.
The procedure I follow is:
When a user registers a mail will be sent which is for confirming the email Id.
until this point the user is not authenticated.
After clicking the link provided in email Id, the user's authentication is done by user id present in query string.
Now the user needs to login by credentials. At this point user gets authenticated and I want to show him a legal agreements page with a check box in it.
Solution I tried:
I supposed the last login time will be 0/0/0000 00:00:00 AM but in vain.
It would be great if anyone could suggest me a solution for this.
I also encountered the same problem. the only solution that struck my mind was to check whether LastLoginDate = CreateDate or not. If this criteria is true it means that the user is trying to log in for the first time.
But be careful that you must check it before log-in procedure. (but I should say the I use Ms Sql)
You can also check the number of users haven't logged-in yet.
select LastLoginDate from aspnet_Membership where LastLoginDate = CreateDate order by LastLoginDate ASC
I know of the Windows.System.UserProfile.UserInformation class to retrieve first and last names. Is there an API to retrieve a persistent ID of the currently logged-in user? I want to roam certain user settings, but I'd hate for users to login to my app after they've already logged into their OS.
All I need is an ID that is unique to the Windows Live account of the user.
This really depends on what you want to do. If you don't want the user score to roam then why not on first load add a guid to identify the user/device combo and return that to the server?
This would also mean you weren't storing personally identifiable information on the server which a user might not expect.
I have a requirement to generate an email to administrator whenever a user sign up. Administrator will approve the registration by clicking on a link provided in email and database should get updated, without admin to login to administrator console.
I am looking for best practice to code this scenario with keeping application security intact. I can generate email with dynamic rendom value attached to the link(provided in email) URL, but i am not sure how to keep a track of this on application side?
Any thoughts?
You could generate a random validation number when the user signs up, and store it in the database with the user record. Then generate an email with a link such as
http://foo.bar.com/approveUser.action?userId=<theUserId>&validationToken=<theRandomNumber>
When the approveUser action is invoked, check if the validation token stored in the database for the given user ID matches with the token sent as parameter, and if so, approve the user.
I'm a beginner when it comes to php/scripting - or "websiting" in general.
What I really would like to do, is to fetch a users profile picture and user id, when the person clicks on the "Login with facebook" button. I then want to be able to div this out on my page. Is it a way to do this via mysql? When the person clicks login/allow, their picture and user name will be stored in my database and then displayed?
To my understanding, I have to go via the FB.api?
Thank you who answers :).
Once user authorize your app with basic permissions, you'll get a access token.More about authentication can be found here
Once you get the access token, you need to send a get request to https://graph.facebook.com/me with the access_token you received in step 1
It will contain JSON string that will contain userid and link to profile picture, you can save that to your mysql database
More about graph api can be found here