So I've been following the tutorial at https://github.com/heartsentwined/ember-auth-rails-demo to hook up an ember frontend with a rails backend for authentication purposes. I'm to the point where I can authenticate by submitting a form, and that's great! However now I'm finding I want to do a few things with the current user's information.
Right now, I can successfully sign in and when signed in present a button to sign out. However I'd like to do something like "You are signed in as {{currentUser.username}}. Sign Out"
I saw on ember-auth issue #11 they apparently at one point implemented something like this:
https://github.com/heartsentwined/ember-auth/issues/11
However, after sign in, my authview shows "You are signed in as. Sign Out"
I suspect the user may not be loaded into the application right now. I understand that I could simply query the database for the current user in the controller, however I view this functionality as something application wide that should be available. Is there a best practice here or should I just implement something myself?
Auth Setup
App.Auth = Em.Auth.create
signInEndPoint: '/users/sign_in'
signOutEndPoint: '/users/sign_out'
tokenKey: 'auth_token'
tokenIdKey: 'user_id'
userModel: 'App.User'
Do you have a user model and does ember-auth know about it?
App.Auth = Ember.Auth.create
# stuff...
userModel: 'App.User'
After reading the docs you mentioned above, the correct way to get access to the currentUser object in your templates should be:
"You are signed in as {{App.Auth.currentUser.email}}. Sign Out"
and not only {{currentUser.username}}. I used App.Auth.currentUser.email since I haven't seen any username property on the Auth.currentUser object, but bear with me if there is indeed one then you can use it of course.
Hope it helps.
Related
I've followed through the InteractiveConsole and FriendsSmash example in Unity and learnt how to request permissions during login and get the friend list of the user.
But there's one little problem bothering me a lot.
When FB.Login("email,user_birthday", LoginCallback) is called for an authorized user. The user will be redirected to the Facebook page saying "You have already authorized App-Name".
I'm thinking to only call FB.Login("",LoginCallback) to every user, and then use the FB.API to check if the correct permissions exist, and after that call the original FB.Login method. However, this doesn't seem a very wise way to do this to me.
I did a bit of research but still can't seem to find a nice way to solve this. Can anyone please help me out on this?
Thanks.
If you have status=true in your FB.Init(), it should come back with login info if the user is logged in. You can then use FB.API() and do your permissions check.
I had PlayerPrefs.DeleteAll being called for testing purposes. I found that it was removing the Facebook data so it wasn't authorising on initialisation.
Make sure you don't call PlayerPrefs.DeleteAll()
I have tried to understand the whole OAuth concept but am failing to be able to progress my application. Lets start with some info about what I want to do:
Firstly, I am writing a blog application in Codeigniter, for myself. On this blog, I want to present some of my shared data from around the web, such as tweets, flickr, 500px photos, sound cloud tracks etc. I am starting with Twitter. I know I can use twitter appltes etc, but I want to this all in native code so that I can understand the whole OAuth process.
Secondly, All of the data on twitter, 500px etc is mine - no one will log into my blog, and therefore I am not interested in "sign in with twitter" type stuff.
Thirdly, I have registered my app with Twitter, and have the Consumer Key, Consumer Secret, an Access Token and an Access Token secret.
Now this is where I think I am going wrong. Lets say I want to grab my own timeline. The twitter API says this needs to be authenticated. Can I not just pass my two keys, and my Access Token to retrieve my timeline.
I have tried all sort of things and keep getting an error of:
{"errors":[{"message":"Invalid or expired token","code":89}]}
I know my access token is correct as I can see it in my twitter api panel.
If I make this call, which I know does not need authentication, it brings back my user details just fine:
$user = $this->rest->get('http://twitter.com/users/show', array('screen_name' => 'jamesstoddern'));
However, if I try to connect to my timeline with something like this, it fails with the error stated above.
$authArray = array(
'consumer_key' => 'MY KEY HERE',
'consumer_secret' => 'MY SECRET HERE',
'username' => 'jamesstoddern',
'access_token' => 'MY ACCESS TOKEN HERE'
);
$timeline = $this->rest->get('https://api.twitter.com/1/statuses/home_timeline.json', $authArray);
I am obviously doing something wrong, but all of the examples I find seem to be about authenticating other users with a "Sign in with twitter" button, and not about just authenticating your own application silently.
I would be so greatful if someone could give me some pointers or an example that does just what I want it to do.
I am using Codeigniter, and have tried Phils Sturgeons OAuth spark but cannot find suffient examples to help me out. I really find all of this a struggle.
Please can someone explain the steps I need to take to authenticate my own application silently so that I can make calls to my own twitter resources. Once I understand this concept, I should be able to apply the same logic and understanding to connect to my 500px photos for example. I do not want to use twitter specific code and want to make all of this as generic as possible so that I can connect to any API in theory.
Thanks all and sorry for such a long winded question!
James
I know this question is quite old but maybe I can help. I found this guide really helpful which explains the steps you need to take to authorize a request. I have also created a CodeIgniter library for using the Twitter API. It may be work getting a copy of it and looking through to code to see how its done.
I'm using Django-allauth for social and simple login. I want that when a user who hasn't signed up or isn't logged in makes a shortlist of items, the shortlist is still present when the user signs up or logs in. So I'm using Django-lazysignup.
Right now, a new lazy_user is created everytime I'm not logged in with Facebook, or it gives me a "column user_id not unique" error. The shortlist is also not converted.
How do we integrate the two? Or how do we do this without using lazysignup?
Any help on this would be great, thanks!
Have a look here:
https://github.com/pennersr/django-allauth/blob/327f5b60f31e9b3db18d461266084a44f04888dc/allauth/account/adapter.py#L117
and here:
https://github.com/pennersr/django-allauth/blob/327f5b60f31e9b3db18d461266084a44f04888dc/allauth/socialaccount/adapter.py#L40
Here, a new User instance is created for local and social users respectively. These adapter methods can be overriden, and instead of spawning a new instance they could be changed to return an existing lazy user instance.
With django-allauth out of the box you will probably run into the problem that you don't have access to the request instance here, but I am willing to adapt allauth to match your use case...
You could use a custom user model (Django 1.5) tweaked in a way, so that it uses the session key as identifier for example.
Later on signup.. just fill in the username and/or email etc.
This could make sense if you want to save the lazy users interactions even if they do not sign up (e.g. for statistical usage). I have not tested this.. but it might work. :)
I'm starting using Devise in my Rails app, but the Token Authenticatable: signs in a user based on an authentication token (also known as "single access token") module puzzles me.
Is the user authenticated only for his current session? If he uses now the URL containing the token, can he re-use it at a later tine and still have access, or does he get a single access?
Can multiple users be authenticated at the same time, using the same token?
I have searched extensively for a working example; please forgive me if this is explained elsewhere.
Any pointers would be more than welcomed. Thanks for your help.
The short answer is: it's up to you.
This module only provides a few
helpers to help you manage the token,
but it is up to you to choose how to
use it. For example, if you want to
have a new token every time the user
saves his account, you can do the
following:
before_save :reset_authentication_token
On the other hand, if you want to
generate token unless one exists, you
should use instead:
before_save :ensure_authentication_token
If you want to delete the token after
it is used, you can do so in the
after_token_authentication callback.
See the documentation for this model at http://rdoc.info/github/plataformatec/devise/master/Devise/Models/TokenAuthenticatable.
I'm trying to add a "share via twitter" link to our website. I'm aware of the standard http://twitter.com/home?status=TWEET method, and it works good enough for my purposes when the user is logged in to twitter already.
If, however, the user is not logged in, twitter displays the login form first (which is only reasonable). After the login, the home screen is displayed without the tweet content.
Am I missing something obvious, or is this a know flaw in this method? If so, what is the easiest way (apart from using services like TweetMeme, which I noticed asks for login in advance) to make the share button work as expected?
If the user is not signed in when accessing http://twitter.com/home?status=TWEET it seems that the status is indeed forgotten. This would be a Twitter website issue and not something you're doing wrong.
Update: Use this URL instead: http://twitter.com/intent/tweet?text=TWEET
TweetMeme, on the other hand, uses its own Twitter "application" via the OAuth authentication, requiring users to log in before retweeting using TweetMeme, and is smart enough to include the tweet message in the OAuth callback URL so that it's not forgotten.
So really, you can:
Use TweetMeme, where the user would have to log in, but at least have the tweet be remembered once that's done;
Create your own Twitter application that uses the same tweeting functionality as TweetMeme; or
Use Twitter.com's less-than-desirable status updater and hope the user is logged in, or hope that they're smart enough to click the back button a couple times and click on your link again if needed.
Just use the following url and parameters
http://twitter.com/share?text=YOUR-TEXT&url=YOUR-URL
Then it works.