

I'm writing a mobile app that uses OAuth to "connect to Facebook":

  1) Delegate authentication to Facebook.
  2) Do not force users to register on yet another website.
  3) Get the user's Facebook information.

I have implemented Facebook's server-side login flow.

What I cannot understand is what happens next with the user, i.e. how to maintain user sessions.

The end-to-end flow as I understand it is below; please correct me if I am wrong.

  1) The user logs in to my server (Android app using a WebView).
  2) The server redirects the user to Facebook (with client_id, redirect_uri, state and permissions).
  3) The user is now facing the Facebook login dialog.
  3.1) If the user rejects: Facebook calls the redirect_uri and informs the server that there was an error (the flow ends here).
  3.2) If the user accepts: Facebook calls the redirect_uri (my server) with the state (for CSRF protection) and a code.
  4) The server contacts Facebook and sends it the app_id, redirect_uri, client secret and code, and in return Facebook calls the redirect_uri with a valid token. This token allows the server to issue Facebook API calls.

So far everything works great. Now the main question: session management.

I've got a token now; I have to figure out which user it belongs to, so I can get their data from my database (or create a new entry in the case of a new user).

1) What kind of identifier should I use to identify the user in my server's DB? (Do I need to call the Facebook API to get basic information and retrieve the email and/or a unique ID?)

2) Once I have found this unique ID, how do I contact the user again? In step 2 the server redirected him to Facebook, which means he opened a new connection to Facebook and is no longer connected to my server. How do I set a cookie on him when he has already left? <-- This part is the most confusing to me.

3) At which point do I need to set the session ID cookie on the user's request, so that the next time he contacts me I know who it is?

I think Stack Overflow is the best example for clarifying my problem. I clicked the "Connect with Facebook" button, and suddenly I am a user on Stack Overflow without any registration. How does Stack Overflow know how to show me the questions I have already asked? How did it recognize me? And at which step of the sequence I described was the cookie set on my request?

Thank you for your time

  1. One of the basic misconceptions about OAuth: OAuth is all about authorization; it allows you (the client) to access data on the user's behalf. If you want to authenticate the user, some providers let you access a unique ID, which allows you to tell users apart. So yes, if you want to identify a user, you have to request their unique ID.

  2. There are several ways to do this. They all generate a unique session ID, which you store before you redirect the user. Once the user returns, he returns that ID to you. If you see that it is an ID you issued and stored, you know which user you are talking to. You can either store this ID in a cookie or submit it as part of the state parameter.

  3. Before the redirection. If you want to know which user you are talking to at any time, do it the first time he calls you.
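The three answer points above (identify the user by the provider's unique ID, issue and remember a state/session token before the redirect, and set the cookie on the very first request) as a single worked flow. This is an added example, not code from the question or the answer: the `FakeFacebook` class is a constructed stand-in for Facebook's code-for-token exchange and `/me` call so the flow runs offline, and the `APP_ID`, `APP_SECRET` and `example.invalid` values are placeholders.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlencode, urlsplit


class FakeFacebook:
    """Constructed stand-in for Facebook's token endpoint and /me call (not the real API)."""

    def __init__(self):
        self._codes = {}  # authorization code -> Facebook user id

    def user_accepts(self, fb_user_id):
        # Facebook would redirect to redirect_uri?code=...&state=...; here we only mint the code.
        code = secrets.token_urlsafe(16)
        self._codes[code] = fb_user_id
        return code

    def exchange_code(self, code, client_id, client_secret, redirect_uri):
        # Real flow: server-to-server request carrying the code and the client secret.
        fb_user_id = self._codes.pop(code, None)  # codes are single-use
        if fb_user_id is None:
            raise ValueError("invalid or already used code")
        return "access-token-for-" + fb_user_id

    def me(self, access_token):
        # Real flow: GET /me?fields=id,email with the access token.
        fb_user_id = access_token[len("access-token-for-"):]
        return {"id": fb_user_id, "email": fb_user_id + "@example.invalid"}


@dataclass
class AuthServer:
    fb: FakeFacebook
    client_id: str = "APP_ID"          # assumed placeholder
    client_secret: str = "APP_SECRET"  # assumed placeholder
    redirect_uri: str = "https://app.example.invalid/fb/callback"
    pending_states: set = field(default_factory=set)
    users: dict = field(default_factory=dict)        # local user id -> record
    by_provider: dict = field(default_factory=dict)  # ("facebook", fb id) -> local user id
    sessions: dict = field(default_factory=dict)     # session id -> local user id

    def start_login(self):
        """Step 2: generate the state, remember it server-side, and redirect to Facebook."""
        state = secrets.token_urlsafe(32)
        self.pending_states.add(state)
        url = "https://www.facebook.com/dialog/oauth?" + urlencode({
            "client_id": self.client_id,
            "redirect_uri": self.redirect_uri,
            "state": state,
            "scope": "email",
        })
        # The same state goes into a short-lived cookie, so the callback can be
        # tied to the browser that started the flow (this is the "first call").
        return {"Location": url, "Set-Cookie": f"oauth_state={state}; HttpOnly; Secure"}

    def handle_callback(self, callback_url, cookies):
        """Steps 3.x/4: verify state, exchange the code, identify the user, start a session."""
        params = {k: v[0] for k, v in parse_qs(urlsplit(callback_url).query).items()}
        if "error" in params:
            raise PermissionError("user declined: " + params["error"])
        state = params.get("state", "")
        cookie_state = cookies.get("oauth_state", "")
        if not (hmac.compare_digest(state, cookie_state) and state in self.pending_states):
            raise PermissionError("state mismatch (possible CSRF)")
        self.pending_states.discard(state)  # single use
        token = self.fb.exchange_code(params["code"], self.client_id,
                                      self.client_secret, self.redirect_uri)
        profile = self.fb.me(token)
        local_id = self._upsert_user("facebook", profile)
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = local_id
        return {"Set-Cookie": f"sid={sid}; HttpOnly; Secure; SameSite=Lax", "user_id": local_id}

    def _upsert_user(self, provider, profile):
        # Key on the provider's stable user id, not the email (emails can change).
        key = (provider, profile["id"])
        if key not in self.by_provider:
            local_id = len(self.users) + 1
            self.users[local_id] = {"id": local_id, "email": profile.get("email")}
            self.by_provider[key] = local_id
        return self.by_provider[key]

    def whoami(self, cookies):
        """Any later request: resolve the session cookie back to the local user."""
        return self.users.get(self.sessions.get(cookies.get("sid", "")))


if __name__ == "__main__":
    fb = FakeFacebook()
    srv = AuthServer(fb)
    start = srv.start_login()
    state = start["Set-Cookie"].split("=", 1)[1].split(";")[0]
    code = fb.user_accepts("1000123")
    cb = srv.redirect_uri + "?" + urlencode({"code": code, "state": state})
    res = srv.handle_callback(cb, {"oauth_state": state})
    sid = res["Set-Cookie"].split("=", 1)[1].split(";")[0]
    print(srv.whoami({"sid": sid}))
```

The state is checked both against the server-side set and against the cookie set before the redirect, and discarded after one use; the session cookie is only issued once the code has been exchanged and the provider id looked up, which is the point at which the server first knows who the user is.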
