I want to ask I have developed a mobile application which you can login using Facebook username and password so I want to know how can I save the username and password from Facebook into my remote database.
This is my code any help please:
var fb = require('facebook'); fb.appid = "281158112043247";
// Set the URL
fb.permissions = ['email'];
fb.authorize();
fb.addEventListener('login', function(e) {
if (e.success) {
fb.requestWithGraphPath('me', {}, 'GET', function(e) {
if (e.success) {
var data= JSON.parse(e.result);
xhr = Titanium.Network.createHTTPClient();
xhr.open("Post", "http://192.168.131.145:5220/Create.svc/createClient");
var params = {
Clientusername: data.name,
//password:password1.value,
// Clientpassword: Ti.Utils.md5HexDigest(password1.value),
Clientnom: data.name,
Clientid:data.id,
Clientemail: data.email
};
xhr.send(JSON.stringify(params));
//xhr.send(e.result);
Ti.API.info("Name:"+data.name);
Ti.API.info("email:"+data.email);
Ti.API.info("facebook Id:"+data.id);
} else if (e.error) {
alert(e.error);
} else {
alert('Unknown response.');
}
});// request graph
}else{
if(e.error){
alert(e.error);
}else{
alert("Unkown error while trying to login to facebook.");
}
}
});
You don't have access to their Facebook password. The oauth specifically protects against you having to know their access credentials. It allows Facebook to separately identify you, and what you are doing with the API. The user can also then disable your access to their data, if they see fit. But if you had their password, you could do anything that they can do, even temporarily steal their account. Plus their account would only be as secure as your storage of their password (is it encrypted? are you servers secure? on premise? compromised? running any malware?). So generally, no, it's a bad idea, don't do that, even if you figure out a way to do so.
In the case of your code above, you have already authorized the user inside your app, so you won't need to authorize them again. They'll already be logged in. You should check if (fb.loggedIn) and then do your logged-in-only code, else fb.authorize();.
Related
I need to use microphone in my flutter web application. i tried the bellow code but it only work if i request 'camera' .
final perm = await html.window.navigator.permissions.query({"name": "camera"});
if (perm.state == "denied") {
Scaffold.of(context).showSnackBar(SnackBar(
content: Text("Oops! Camera access denied!"),
backgroundColor: Colors.orangeAccent,
));
return;
}
final stream = await html.window.navigator.getUserMedia(video: true);
try this :
PermissionStatus permission = await window.navigator.permissions.query({'name': 'microphone'});
now you know that you have permission or not.
granted if have permission and prompt if not.(or denied if blocked)
but in case of prompting dialog to get permission I use a trick and I send a request to get UserMedia for the first time and it's show the request dialog.
await navigator.mediaDevices.getUserMedia(mediaConstraints);
As far as I know the browsers are not support for sending direct request for permission and you should use some tricks to show the dialog like above.
I've started using the GMail API and it's working fine on my local machine; it will open the Google permissions page and I can select my account. It then stores the return json token and only asks again if this token is removed.
When I publish to the server, the OAUTH page is never displayed and the application appears to timeout with a 'Thread was being aborted' exception.
My code;
try
{
using (var stream = new FileStream(HttpContext.Current.Server.MapPath("~/credentials/client_id.json"), FileMode.Open, FileAccess.Read))
{
string credPath = HttpContext.Current.Server.MapPath("~/credentials/gmail_readonly_token.json");
_credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
Scopes,
"user",
CancellationToken.None,
new FileDataStore(credPath, true)).Result;
db.writeLog("INFO", "Gmail Credentials Saved","Credential file saved to: " + credPath);
}
// Create Gmail API service.
service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = _credential,
});
}
catch (Exception e)
{
db.writeLog("Error", "Failure when creating Gmail class", e.Message, null, _username, null);
}
Is there something I need to change within the 'client_id.json' (formally client_secret.json) file? The only thing I have altered is the redirect_uris line.
Any other suggestions would be welcome, the only other question I could find that is similar is here but there is no answer.
Thanks,
Danny.
The first one worked because you followed the intended use case, which is client-side. But, to implement authorization on the server, follow the Implementing Server-Side AUthorization guide.
Currently I can determine if a user has Allowed or Denied browser location services. But how do I detect if a user's browser has previously allowed the permission? I don't want to show the "setting message" to the user again.
$("#updateLocation").click(function(e){
e.preventdefault;
navigator.geolocation.getCurrentPosition(allowLocation,deniedLocation);
return false;
});
function allowLocation(position){
// codes
}
function deniedLocation(){
// codes
}
I also facing the same problem. And, after I search and experiment I finally found the answer
You can add this JS code :
navigator.permissions.query({name:'geolocation'}).then(function(result) {
// Will return ['granted', 'prompt', 'denied']
console.log(result.state);
});
Then you can use your custom code as needed.
source : https://developer.mozilla.org/en-US/docs/Web/API/Navigator/permissions
You can do this simply by making use of HTML5 localstorage which allows you to create key-value pairs:
$("#updateLocation").click(function(e){
e.preventdefault;
if(localStorage.location == undefined){
var ip-located-geo-location = navigator.geolocation.getCurrentPosition();
// code to get ip-located geolocation
var user_defined_location = prompt("Please enter your location", ip-located-geo-location);
localStorage.location = user_defined_location;
}
else{
// use localStorage.location
}
return false;
});
If the location is not previously saved then it asks for user_defined_location, also displaying the ip-located-position, and thereby updates the localStorage, so that the next time the user doesn't have to reset the location according to his preference.
So I am using the facebook-php-sdk and I have created a page tab
On the page tab I am trying to use the SDK and it only works when I have logged into facebook as the page not as a user so what would the cause of this be?
require 'facebook-php-sdk/src/facebook.php';
$facebook = new Facebook(array(
'appId' => '//APP ID//',
'secret' => '//APP SECRET//',
));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
}
catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if(isset($user)) {
var_dump($user);
}
else if(isset($user_profile)) {
var_dump($user_profile);
}
else {
echo $loginUrl;
}
var_dump($facebook->getUser());
I get this is the error_log: Bad Signed JSON signature
Is the user you are testing with connected to the page (i.e., Liked it)? If not you will not receive any information about who the user is. This is to be expected. Facebook does its best to anonymize the user interaction with pages' apps when the user hasn't explicitly Liked the page.
I have created a pretty basic Flash website for a client and am having an issue programming a Client Login feature that he would like. Currently, if I navigate to the site and click Client Login, it takes me to a login page. The way I need this to work is -- within the Flash, using ActionScript 2.0 -- have the user enter their UserID and Password and click to login, which submits POST vars to the form action of the Client Login website.
Is this possible/legal to do from a different domain? How would I go about doing this, assuming it's possible?
Try this:
myVars = new LoadVars();
myVars.username = username.text;
myVars.password = pwd.text;
myVars.onLoad = function(success) {
trace("yay!");
else {
trace("try again");
}
}
myVars.sendAndLoad("login.php", myVars, "POST");
So, I get "yay!" with the code provided below (yours had an error in it). However, I need to be redirected to the resulting "logged-in" page. How do I do that?
myVars = new LoadVars();
myVars.txtUserID = "some_user";
myVars.txtPassword = "some_password";
myVars.__VIEWSTATE = "dDw3MTcxMTg3ODM7dDw7bDxpPDM+O2k8NT47PjtsPHQ8cDxsPFRleHQ7PjtsPGRlbW87Pj47Oz47dDw7bDxpPDE+O2k8Mz47aTw1Pjs+O2w8dDxwPGw8VGV4dDs+O2w8YmFja2dyb3VuZC1jb2xvcjojZjZmNmY2XDtjb2xvcjojMzMzMzMzXDs7Pj47Oz47dDxwPDtwPGw8c3R5bGU7PjtsPHdpZHRoOjEwMHB4XDs7Pj4+Ozs+O3Q8cDw7cDxsPHN0eWxlOz47bDx3aWR0aDoxMDBweFw7Oz4+Pjs7Pjs+Pjs+Pjs+56k0UDxn5ED61lGLjP0fIkStm6o=";
myVars.onLoad = function(success) {
if (success)
{
trace("yay!");
} else {
trace("try again");
}
}
myVars.sendAndLoad("http://www.buildertrend.net/loginFrame.aspx?builderID=35&bgcolor=%23f6f6f6&fcolor=%23333333&uwidth=100&pwidth=100", myVars, "POST");