I use the nextcloud API in my app. I use it to create the user accounts on nextcloud, for example. The users registers in my app and should not have to create their own Nextcloud password (my app does that for them).
Now I want to send the user to the Nextcloud page via a link. Can I create the link so that the user is automatically signed in? So e.g. if I pass a token via URL parameter?
Example:
https://myprivatenextcloud.com/...?user=user1&pwtoken=02jw9dj0w9djw02ejf0j0s9d2sldfk
Related
I am trying to migrate user from my current directory to cognito userpool. I was able to migrate user when they enter username and password, but not able to migrate when user sign in with google. I have linked google accounts with existing user in my current directory( I use email to send authentication token if user email of google account found in my directory). Same I want to do for migration. Approach I have tried
On pre-signup trigger by external provider get users from my current directory and add it to userpool and link it with external provider. Problem is how to use same password.
Is there any better approach to migrate user on google sign in?
I'm new to shopify app development and trying to build a shopify app with node and followed this post here. Everything worked as explained, but I have things to get clarified, may be very basic things.
My question is where to specify the link that's directed when shop owner select my app from the installed apps list of the shop?
As I understood from the post above App URL given in the App info section of the app is used for installation process and from there it's redirected to one of the Whitelisted redirection URL(s) as defined in the app for HMAC validation and exchanging a permanent access token to access the shops' admin API later.
Now Once my test-app is installed to a shop and when the app is selected from the installed apps list, the request again goes to the App URL and get redirected to callback URL generating a new access token. If this is how it is supposed to be, why it's called a permanent access token and need to be stored? If this not how it should be how to specify a url to direct when the app is selected from the installed app list?
In Short
where to define the url to direct when a shop admin select the app from is installed apps section of the shop like shown below.
After install the HMAC validation and temp code is just to get the permanent token, which you should then store securely in a database.
You don't have to show any of that process to the user using your app; you can have it happen in the background and then redirect to whatever route you like after you have the permanent token.
I have a requirement in my application for iOS and Android, developed using IBM Worklight, to remember the user ID if the user selected this option.
I can achieve this by using localStorage, but the issue is that I have two login pages:
One is placed within the application, and the
Second is hosted on a remote server
Depending on the conditions the application will meet, either the remote login page will be displayed or the local login page will be displayed.
If I use localStorage on local page it is not accessible for server side login page. So I want to use some storage/file on the mobile to store my user id which is accessible for both local and server login page. Is this is possible using worklight/phonegap storage?
More explanation:
Remote login page is hosted on some www.xxx.com domain. My requirement is on launch of application the local login page is shown to the user, there user can enter user id and password and selects remember me option and submits form. Then user logs in and navigated to some xxx.com/yyy server page. From there when user clicks on log out it navigates to remote login page which is hosted on www.xxx.com server. As user already checked remember me option in local page the remote login page has to pre populate the user id text box. And same scenario should happen when user enters credentials in remote login page and selects remember me check box. So when user kills the application from background and relaunches the application user will get local login page where I need to pre populate the user id last time he entered.
Short answer: in my opinion, no.
Longer answer: I will explain what I think using your scenario:
Remote login page is hosted on some www.xxx.com domain. My requirement
is on launch of application the local login page is shown to the user,
there user can enter user id and password and selects remember me
option and submits form.
So far so good. You can store it in either Web Storage or JSONStore or use Cordova File API. Catch: all of these are available ONLY for the specific application.
Then user logs in and navigated to some xxx.com/yyy server page. From
there when user clicks on log out it navigates to remote login page
which is hosted on www.xxx.com server. As user already checked
remember me option in local page the remote login page has to pre
populate the user id text box.
Still plausible. Lets say the user selected 'Remember Me', so you can adjust the URL pointing to the remote login page and send with it as parameters the username and password. Assuming that there will a mechanism to handle those on the remote page.
This does not come for free, though.
This is not meant to work out-of-the-box. It's worth noting that whether Web Storage (localStorage...) is used or any other type of storage- the application and the Cordova InAppBrowser do not share the same localStorage, and the same is true if you open a new WebView.
And same scenario should happen when user enters credentials in remote
login page and selects remember me check box. So when user kills the
application from background and relaunches the application user will
get local login page where I need to pre populate the user id last
time he entered.
This is also a problem IMO, because any application is sandboxed - be it the browser app or the Worklight app, each of them is sandboxed. so you can't just go to website X, and create some localStorage for it and expect that data to be available for another WebView belonging to another app. That's the whole point of sandboxing, in order to protect the app.
And in this case, where the remote "page" will save the data, only Web Storage is available anyway, as JSONStore requires the Worklight API, which is not available when you load external websites.
Notes:
Since you want to save both username and password, you'd probably want to encrypt them in some way, so JSONStore and WL.EncryptedCache are your options, rather than plain Web Storage.
I'm wondering how I can authenticate a user through their device, so they don't have to provide a username and password?
For example I'm on an Android tablet and I connect to www.mysite.com (which is an asp.net site). I want the web browser to submit something to www.mysite.com to handle the authentication so the user doesn't have to put in a username and password and can only use the service from the device.
For our use case we were able to control the url passed to the server. To initiate the process we have the user login once and we generate a guid to be appended to the url when they initially hit our site. When they hit our site with a guid and aren't logged in, we log them in.
I am building an app with the functionality to publish
messages to users walls while specific actions runs on
my website.
What I have done is (briefly):
Registered my own app on Facebook
Added a login button on my website with permission
to publish:
Log in on Facebook
Downloaded facebook-php-sdk library
It is now I start having problems. I do not know how
to do what I want to do now.
What I want to do:
When a user logs on to facebook via my website. I want
a file on my site to be called, where I can update the
user's data in my own database as well.
Because that is not what the canvas url is meant to do? How it
is no, seems no file at all is called on my site when
I click on Login.
Since you are using the Facebook PHP-SDK you noticed that there are two options for the users to login:
Using the XFBML button, which will:
Open a login dialog (pop-up) asking for permissions..etc
When a successful authentication/authorization is complete the dialog will close, the auth.login event will be triggered and based on that the page will get reloaded window.location.reload();
The PHP in the top of the page will get into business and $session = $facebook->getSession(); will actually retrieve a session! $user = $facebook->getUser(); will retrieve the current user
Using the Login URL generated by the Library $loginUrl = $facebook->getLoginUrl(); this URL will get you through the same flow and if you noticed there's a next redirect_uri parameter which will redirect you back after a successful process to that URL (mainly the same URL you are at), where you can change that parameter if you like.
The canvas URL is the URL Facebook uses when it displays your application from within Facebook. You would use this functionality if you expect users to use your application while in Facebook itself.
When authenticating using Facebook's API (assuming graph API usage here), you provide a redirect_uri as part of the authentication URL. Once Facebook has authorized your application, it will redirect the user's web browser to the URI you specified. This URI can be any link you desire on your site. You should use the link as the determination of when the user is logged in successfully, e.g., https://mywebsite/facebook/loggedin.