I'm using Auth0-Lock for authenticating a user. But it seems that the response data from Auth0 did not include Facebook user_id. I want to get user_id because I need it to show user's profile URL in my app, like this: www.facebook.com/{user_id}.
{
"sub": "facebook|1613270415401150",
"given_name": "Steve",
"family_name": "Giáp",
"nickname": "hgbk.it",
"name": "Steve Giáp",
"picture": "https://graph.facebook.com/v2.5/1613270415401150/picture?width=720",
"gender": "male",
"locale": "en-GB",
"updated_at": "2018-10-09T04:25:12.921Z"
}
The Id from sub or picture are not related to user_id.
The user_id that Auth0 uses is the id that is provided by the identity provider and in the case of Facebook they are now app-scoped. Therefore, the user_id is not the user id of the user, but rather an identifier for the user for this specific application. As per Facebook docs The id of this person's user account. This ID is unique to each app and cannot be used across different apps. This is the id that Auth0 uses as the user_id, following the pipe, e.g. facebook|<id from Facebook>. I believe you used to be able to use that id to see a person's public profile, but Facebook has since deprecated providing the username.
Related
I'm trying to get a PUBG player's details using the Players developer API.
I'm aware that both the operations of this Players API require the account ID of the respective player, whose account details are required.
However, I tried my best to find the account ID (starting with account. and having 32 alphanumeric characters), but all in vain.
In this aspect, I've two specific questions:
How can I find my PUBG account ID?
If I want to fetch other players' details via API, how do I get their account ID programmatically? Or should I need to ask for their account ID explicitly?
Use filter[playerNames]=myPlayerName as shown in the player docs
On succes, it wil return a object containing the account_id;
https://api.pubg.com/shards/steam/players?filter[playerNames]=myPlayerName
{
"data": [
{
"type": "player",
"id": "account.c0e511111111111893af",
...
Replace myPlayerName with the username you're looking for.
edit;
This Community Manager says that only - and _ are allowed in nicknames, url-escaping won't be necessary!
I'm trying to model a profiles database, where every profile is public for authenticated users, and where each user can only update his/her own profile.
Each profile document _id will be the email of the registered user, and I modeled the following validate_doc_update function:
function(newDoc, oldDoc, userCtx, secObj) {
var id = userCtx.roles[0].substring(5);
if (newDoc._id !== id) {
throw({forbidden: "One can only update one's self document."});
}
}
I tested the database and it worked perfectly as I expected. Am I getting this right? Is there any flaw or breach?
(I'm using SuperLogin for creating and login-in the users)
Yes, this is a viable solution. I'd check for the roles prefix to be "user:" just to be safe, and maybe you can also allow users with the role "_admin" to edit any document.
One possible problem with your solution might be that you are probably exposing the email addresses of all your users if you use the email as the id. But if you're ok with that in your particular use case, your solution is fine.
The key here is SuperLogin. It creates a document in the _users database to represent a session of a given user.
When the user logs in, SuperLogin creates a new session that inserts a document that looks like this:
{
"_id": "org.couchdb.user:iwn9IpwNR4i0wrxmYcGarg",
"_rev": "1-0f36c9e220c41fe54726cdd01adcdcf2",
"password_scheme": "pbkdf2",
"iterations": 10,
"type": "user",
"name": "iwn9IpwNR4i0wrxmYcGarg",
"user_id": "aasaaaaaaaaaaaaaaaaaaaandremiramor#gmail.com",
"expires": 1458027109739,
"roles": [
"user:aasaaaaaaaaaaaaaaaaaaaandremiramor#gmail.com",
"user"
],
"derived_key": "9a6cfaaac2249ef74fba599c3fbede65a48dcd32",
"salt": "1ef2689337699061b9460f6f68f63f28"
}
The roles array is also created by SuperLogin using the username. Since I had it configured to use the email as the username ({emailUsername: true}), the e-mail was could be matched as the corresponding document _id.
I would like to show the people numbers of a company. For that I display a result of a search.
I got a numResult but this number is not the real number of the company
IN.API.PeopleSearch()
.fields("id", "firstName", "lastName", "headline", "pictureUrl","location","public-profile-url")
.params({
"company-name": "Google",
"current-company": true,
"count": 8,
})
.result(function(result, metadata) {
setSearchResults(result, metadata);
});
}
Then I have result.numResults who is not the good number of the company. Someone has an idea?
I guess this is the number of the company about the user when he is connected.
You can retrieve specifics about companies, including the company size, from the Company API. The specific field that contains the size range for the company is employee-count-range.
In terms of accessing the data via the JavaScript API, consider using the IN.API.Raw() method.
I've written an automated system to automatically fulfill items in shopify via the API from data received from a fulfillment center but would like to build a tool to "undo" fulfillment should there be a problem but I can't seem to get the API to respond and the documentation is fuzzy as to which id's are required..
I assume the first #id is the order id and the second the item but I've tried all the id's from the order/fulfillment (line item ids, item_id, etc) and I'm still getting a {"errors":"Not Found"} from POST CURL call.
Am I using the wrong id? or is there some other reason work?
Here's the url Im hitting:
https://{API_KEY}:{API_PASS}#{my_store}.myshopify.com/admin/orders/{order_id}/fulfillments/{some_id?}/cancel.json
The first ID is the order ID, as defined in the order_id parameter on the fulfillment.
The second ID is the fulfillment ID, which is defined in the id parameter on the fulfillment.
Assuming you have a fulfillment that looks like this:
"fulfillment": {
"created_at": "2012-10-16T11:31:17-04:00",
"id": 255858046,
"order_id": 450789469,
"service": "manual",
"status": "pending",
"tracking_company": null,
"tracking_number": "1Z2345",
"tracking_url": "http://www.google.com/search?q=1Z2345",
"updated_at": "2012-10-16T11:31:17-04:00",
"receipt": {
"testcase": true,
"authorization": "123456"
}
}
Your POST URL should look like this:
/admin/orders/450789469/fulfillments/255858046/cancel.json
Consider the scenario, an unknown unauthenticated user is looking at the list of nerddinners and then goes to a particular dinner, enter his name and email and clicks "Attend". This should result in two things. Create the user and create the DinnerAttendRequest for that user.
The user also has a property called FavProgLanguage which is set to the prog language property of the dinner which he wants to attend.
Assuming it is a single page javascript app which talks to an API, there are two approaches which come to mind.
1) On the client, set the users FavProgLanguage and then POST to /user with name, email and favproglanguage to create the user. Use the created UserId and POST to /DinnerAttendRequest with DinnerId and UserId to create DinnerAttendRequest.
2) POST to /somename with Name, email and dinnerId and then use dinnerId at server to populate favproglanguage of user. create user and then use userid to create DinnerAttendRequest
The first approach seems more natural/RESTful, however if the logic of computing the favproglanguage is a bit complex, all the api consumers would have to implement that logic and with the second approach that code is written just once on the server.
Which is a better approach? Is the second approach RESTful?
Your 1st design would place the burden of logic, workflow and the fav lang decision, upon the client, this would make handling the user creation and reservation a single transaction difficult and something that a client app would need to orchestrate. Your fav lang logic sounds like an important business rule that again should ideally sit at the server for re-use...
Why don't you look at having some resources like so:
Dinner e.g. { "name", "date", etc. }
Booking e.g. { "user" { NESTED USER RESOURCE }, "bookingStatus", etc. }
User e.g. { "email", "name", "fav lang", etc.}
Some example urls
/dinners/{uid}
/dinners/{uid}/bookings
/users/{uid}
Basically I would POST a Booking resource containing a nested User resource to the dinner bookings url and run the logic for checking is a user exists, creating if needed and updating their fav lang in a transaction.
So to create a booking I would POST a Booking Resource:
{
"user": {
"email": "john#doe.com",
"name": "name"
},
"bookingStatus": "requested"
}
To /dinners/{uid}/bookings
And expect a 201 created response with a response like this:
{
"uid": "4564654",
"user": {
"uid": "1234564",
"email": "john#doe.com",
"name": "name",
"favLang": "C#"
},
"bookingStatus": "booked"
}
Obviously the properties are largely just for example but hopefully this demonstrates some of the concepts and shows that a single POST can be considered RESTful...