I need that after paying on the payment system's website and returning back to the php 5 site, the user's session is not saved.
I tried to implement this through the site and server settings. Nothing helps.
Decision:
Make a link in the code of the payment settings of the SuccessURL site after making the payment ("Return to the site") to the exit button from the personal account on the site - /login/?out.
Make the site code so that when you exit your personal account, there is a transition to log in to your personal account - /login/
Related
I need to book an appointment on a website. These appointments are released sporadically and booked up quickly. To even see available appointment times, you have to login & complete a reCaptcha. If I wanted to write a scraper using Headless Chrome to continually scrape the site and notify me when a new appointment comes up, following the login flow each time would require beating the reCaptcha, which is at least non-zero difficult.
A better approach (I thought) would be to log in once manually, grab my session cookies, and then load them into Headless Chrome before making a request directly to the appointment times page. The server would see my request, see my session cookies, and respond as if the manually-logged in session had been refreshed. This is pretty much as outlined in the answer to this StackOverflow question: how to manage log in session through headless chrome?
But this doesn't work, and I can't figure out why. I get redirected every time straight back to the login page. I've tried on Chrome & Firefox, and with several other login-requiring websites (Facebook, Reddit, etc.).
How can these servers possibly discern between the original client and the one using copied cookies, when the cookies are what the servers use to identify clients in the first place?
Exact steps to reproduce:
Login to site of your choice on Chrome, let's say Facebook.
Export your cookies to your clipboard from the site using the EditThisCookie Extension
Launch an incognito window (to reset your active cookies) and import those session cookies with the same handy extension.
Navigate to the target, past-the-login-form url.
Get redirected.
Get frustrated.
If customer register with their new account then they cannot login their account and they just see Login page again and again without sending any error on console. They cannot even see "MyAccount" page after first time they register with their account. When customer enter login information on login page and hit the login button, page just refreshing without sending any error message also if you have any item in the cart, the item quantity increase with refresh page which happen when you click on login button.
If I use old customer user email and password for login customer account then its loges in and you redirect "MyAccount" page and it's working well.
If anybody have any idea about this, please share with me.
Thanks
No. You are better off using Firebase as it's a lot easier if you are doing cloud messaging. Also with Google's Firebase Cloud Messaging, You can Deliver and receive messages in a more reliable way across platforms and with authentication you have a lot less friction with acclaimed authentication.
Authenticating a user has never been more simple: Eg
OR
Saving an image to Cloud Storage: Eg
I am new to OpenCart.
An OpenCart based website was turned over to me, which I uploaded to our web host. In testing the website, I logged in to my account:
I made a test purchase and proceeded with a test payment. However, as soon as the success page is displayed, my account gets logged out. But if I click on any link within the web site, I'm back to having my account logged in again.
I've been trying to see the files/codes that are called right before and after the payment. What files do I need to look at?
I wonder what is the right technique to streamline the login to my site via Facebook.
Currently, I have a web site integrated with Facebook Login button. Right now, it's an independent web site, and not a "Facebook app" (running in the canvas). While this is not my decision, this could change in long term if matters.
The way the authentication work: the "fb-login-button" is redirected to my application URL using onlogin() event; the server side uses the cookie to retrieve the "access token" and perform further Graph API work. The business logic resides on the server side.
The current business requirement is the following:
Suppose someone posts a link to my site, somewhere in Facebook, for example in our site community page:
http://www.mysitedomain.com/offer1
A Facebook logged-in user clicking on the link - should get to the target page, after his Facebook identify got verified, and the result should be personalized for that user.
If a Facebook user already has an active session with my site - trivial.
Assuming a user had approved my site (app) in the past, but has no active session - here I am looking for the best practice to do the login.
Also, I would appreciate a hint how to handle the app authorization (i.e. showing the Facebook authorization dialog) in a most efficient way.
Thanks for any hint.
Check out FB Login Architecture and FB.getLoginStatus. Based on FB documentation, If you use javascript sdk, it only triggers a Popup on the same page and once authenticated it will go back to the same page. So once the login status is confirmed then you can get users information from graph api and update via AJAX on your page. You can also checkout this server side login. Hope this helps.
I am implementing "login with facebook" feature using php sdk, i am able to grab user profile details. But after that user remains logged in. Suppose user is accessing my site and after using "login with facebook" features he leaves immediately, then next person sitting there can use(misuse) previous persons account.
1)How can i automatically logout user after fetching what i needed (I dont want to show user "facebook logout" button).
2) Is there any way i can only logout user from my app and not facebook logout ? (i mean if user is already using facebook in another tab then it should only logout users facebook session from my app.)
Assuming all the usual security measures are in place (session timeouts apply to FB logins, doesn't leak FB data across distinct PHP sessions, logging out of your site clears FB session data or moves to a login/front page with no FB access), websites with Facebook integration generally don't bother securing their FB integration on a per-request basis. It's the user's own fault if they leave a browser window open and logged into your website, there's not a lot you can or really should do about that kind of mistake.
All that being said, you can call getLogoutUrl and then redirect the user to that URL to log them user out of the current session, OR you can use the JavaScript SDK's FB.logout(). Both options are mentioned here.