I need to create a mobile app in which guests will use just the code for their authentication, which is valid for dedicated period of time, so they can apply for different activities in the hotel.
What would be the "proper" way of login those users in Firebase?
Note: I have "real" users as well in Firebase.
Related
We are working on a system which retrieves data from customers' Shopify shops and provides some services based on this data. In order to make it as convenient as possible for an end-user we would like to update this data on a daily\weekly\monthly basis.
For now we only came up with a solution of implementing unlisted app, prompt a user to provide all necessary permissions for the app to access their shops and fetch the data. But the token we get doesn't seem to be valid for a long time and we probably won't be able to reuse it a day later.
We appreciate it if you can share any success cases of implementing this kind of approach.
You provide an App to the merchant they can install using oAuth. When the merchant is prompted to approve the App, Shopify will then provide your App with a long-lived access token you can use as much as you want, for as long as you want. I use a custom App from my Partner App dashboard to create these kinds of one-off Apps. It is superior to the one where the merchant has to tick off scopes and permissions IMO.
There are two kinds of token you can ask for and receive. One is considered for offline access, or long-lived. It works for everything. It is for webhooks as an example, or other access where no person is involved. But, there is also, online access tokens! Say a person clicks into the App from Shopify to do some work. You can request an online token for them to do their thing, and that token is only good for say 24 hours.
So you have options!
I am new to Shopify and exploring options to run a streaming service. I want to build functionality through which I am able to limit the number of users concurrently login through a particular account.
That is if say 4 users are logged in through user A it should not allow 5th user at the same time (Based on plan) as people share their login credentials. Does Shopify provide this functionality or any good recommendation of any such app?
You can check this app . This is solving similar problem not sure how they are doing it though .
You can configure this app easily and set your custom banner for 5th user (In your case) or also force log out the first user in case of 5th user attempts to login.
I am working on a web application which is based on Google App Engine (GAE). The requirement of the application is that one user can be associated with multiple company accounts.
My application has two main types of accounts. One is that main Admin/Company account. Other is the employee account (i.e. the persons who work under a company). Now, what I want to do is that to allow an employee to work under more than one companies, but he does not have to make a separate account for each company. His single account can be associated with multiple companies.
I have explored different platforms which are already supporting this feature. The major ones which I found are Slack and Asana. And my problem can be perfectly mapped to what Slack is doing right now i.e. I create a single account on Slack and I can join multiple workspaces on Slack using this single account.
I want to achieve the same in my application too. I am curious that how Slack is supporting this feature right now? Does it send some ID with every request to the server which indicates that the activity which just has been done is associated with the workspace under this ID? Or there is some unique sort of token associated with every workspace (on Slack API level)?
I do have such a model in my app. A unique auth_token is associated with every company account. So, I am thinking that when an employee wants to do an activity for a specific company he will send this unique token with the request to the server so that server knows for which company the activity was performed.
Does anybody know what is the best way of achieving this?
There are two different concepts at work here:
Relation between account and company / workspace
The data structure for the Slack account is designed such that it can be linked to multiple Slack workspaces, e.g. in SQL you would have a many-2-many relation between the accounts and the workspaces table.
Staying logged in
The way Slack and others Single-Sign-On provides like Google SSO keep you logged in is by settings a browser cookie. That cookie would usually be some kind of crypto hash and the SSO provider will use it to identify to which account the current user belongs to or to request a login via OAuth if the cookie is missing / invalid.
This can also be achieved partly with server sessions (which also uses cookies). Using server sessions is easier to implement than implementing your own (secure) cookie solution, however the user will only stay logged in as long as the browser stays open. But that should be sufficient for most solutions.
Note that tokens for the Slack API work very differently. e.g. they have to be generated per workspace, user and app.
I am creating an arcade website with multiple games. should I generate a single oauth client id for the entire domain or should I generate a unique oauth id for each individual game?
The more interesting question is: What user experience would you like to give users?
If you want to build your brand across each of the games, you'll configure a single project (ZBestArcadeGames.com, for instance) in Cloud console. Users will be prompted to authorize your entire site. Whether you create one client or multiple clients in this case is not super-important, since you can configure multiple redirect_uris for a single client. Users will consent once to sign-in to your site and they can authenticate to every game w/o additional consent prompts. Similarly, if they revoke access to your site, they will no longer be able to authenticate to any game in the site. This may be the typical choice if your company develops all games it hosts.
If, on the other hand, you want to highlight the individuality of each game and allow users to consent / de-authorize authenticating to them individually you need to create separate projects each with its own brand (and in this case you will need to configure at least one client in each project). This may be the typical choice if each of the games is developed by a company and there's no implied trust between the games you host and your company, and you'd not like to sign terms-of-service on behalf of these other companies--you might even want to ask the developers of each original game to register separately (using the redirect_uri for your site).
I am developing a web app for a group, and I want to be able to let anyone in the group create an event and add it to the group's calendar through the app. I was able to get the basic functionality working using Google Calendar API v3 for Javascript -- you could fill out a form with the event's start/end times, title, information, etc, and it could insert that event into the calendar.
But the problem is with authentication. If a user is logged in to a Google account that is not given permission to create events on the calendar, they are unable to add the event (Javascript writes "Forbidden" to the console). If I log out of all Google accounts and then sign in with the account that owns the calendar, the event is created with no problems (that makes sense).
Adding every single person in the group to the edit-permissions on the calendar seems like too much of a "brute force" method.
Is there a way to always authenticate the Google account that owns the calendar? Or, better yet, is there a way just to force authentication in general, even if someone is already logged in to Google / authorized to the app? Some people in the group know the calendar login/password, so if I could always bring up a Google login screen, they could just enter the calendar account information and then add the event from there. Again, I'm using Javascript (not much documentation on this...).
Thanks!
Have a look at Service Accounts. That way the calendar is owned by the application, and so the application will always have permission to update it.
If you want to avoid authentication problem from other opened session in user browser, you have to authenticate on the calendar, using server side library.
check this link:
https://developers.google.com/google-apps/calendar/auth
it bounces you from one article to other, but at the end you should get all information.