I have an app that uses Google auth with Firebase and React Native. Can I use the google authentication for user management and session creation with ConnectyCube?
The ConnectyCube docs describe Firebase account and project registration but don't explain how that relates to the ConnectyCube API.
Also in the ConnectyCube docs it give details the Create session with User authorization parameters and providers as Possible values: facebook, twitter, firebase_phone, but not google. Any help appreciated.
Since you have already set up an authentication system with Firebase, you probably do not need to use ConnectyCube authentication module to manage passwords and users.
At least in my case, we do not need that functionality but we still must login to ConnectyCube to use their services.
After the user logs in, we can subscribe to one's state and retrieve the user object:
async function onAuthStateChanged(user) {
// we do different operations here
await connectyCube.configure(user);
}
useEffect(() => {
const subscriber = auth().onAuthStateChanged(onAuthStateChanged);
return subscriber; // unsubscribe on unmount
}, []);
In ConnectyCube.js:
configure = async user => {
/*
Here you can:
Do session login
check for the active session
Format the user
Try Catch different scenarios
Sign up a user
Check if a user exists
*/
ConnectyCube.users
.signup(user)
.then(user => {
console.log('[ConnectyCube.users signup]', user);
})
.catch(error => {
console.log(`%c[ConnectyCube.users signup] ${error}`, 'color: red');
});
};
Hope it gives some ideas
Related
I'm asking this question because when you add auth to amplify project it uses cognito, and the user can sign up and sign in. But should I do something when the user sign up? I mean databasewise? Because let's say I have a route and only a person who is logged in can access? how am i supposed to log in the user? By cognito or dynamodb? For example let's say I want to list all users that signed up in my website. the only way i can get this information is if i save the user info on dynamodb when the signed up for the first time? and from that point on, do i check dynamodb or cognito to check authz? let's say professor vs student?. I'm asking this because I had the same problem with firebase, when I enabled login with google I saved user info on database, but I'm not sure if this the right thing to do, because everytime this user logs in I checked if he was already in the database otherwise I added him
I suggest that you read the Amplify docs where it discusses how users can sign up, sign in and sign out:
https://docs.amplify.aws/lib/auth/emailpassword/q/platform/js/
import { Auth } from 'aws-amplify';
async function signIn() {
try {
const user = await Auth.signIn(username, password);
} catch (error) {
console.log('error signing in', error);
}
}
There is not need for DynamoDB as Amplify via Cognito will handle all your auth needs.
I have a Vue.js webapp that I am trying to add simple authentication to using AWS Cognito and Amplify Auth. I have my user pool set up with "Authorization code grant" enabled for the OAuth flow. I also have the redirect URL set as https://example.auth.us-east-2.amazoncognito.com/login?response_type=code&client_id=XXXXXXXX&redirect_uri=https://example.com/auth/verify for the hosted UI.
This is what's within the page the hosted UI redirects to:
import { Auth } from "aws-amplify";
export default {
async created() {
try {
await Auth.currentSession();
} catch {
console.error("Not authorized");
}
}
}
When I sign in the first time through the hosted UI and am redirected, I get an error and am not recognized by Amplify as being authenticated. However if I sign in a second time, there is no error in the console and I have an authenticated session.
I do know that authorization code grant doesn't put the tokens in the URL, but I do see them in localstorage even on the first sign in. I have tried switching to using the "token" OAuth flow but the Amplify docs say the refresh token isn't provided that way and I'd like to not have sessions limited to 1 hour. Any guidance here?
For anyone facing the same problem, this seems to be a known issue.
The workaround is to subscribe to Hub actions and handle it there like
Hub.listen("auth", ({ payload: { event, data } }) => {
switch (event) {
case "signIn":
// signin actions
Auth.currentSession()
.then(user => console.log(user)) // redirect to default page
.error(err => console.log(err))
case "signOut":
// signout actions, redirect to '/' etc
case "customOAuthState":
// other changes
}
}
refer to https://github.com/aws-amplify/amplify-js/issues/5133#issuecomment-600759135
We are analyzing AWS Cognito adoption as our authentication service.
We use social network data in some ML models after the user is logged in, if he or she allowed us to.
The doubt is: if the user signs up using Facebook, can I ask for custom information (friends list, list of posts, etc.) using Cognito? If yes, how would I access this information later?
We searched everywhere but can't find anywhere talking about it.
For anyone arriving by Google: the Cognito SDKs return a response that contains the API key for that user on Facebook. Check it out in the Javascript SDK:
FB.login(function (response) {
// Check if the user logged in successfully.
if (response.authResponse) {
console.log('You are now logged in.');
// Add the Facebook access token to the Cognito credentials login map.
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId: 'IDENTITY_POOL_ID',
Logins: {
'graph.facebook.com': response.authResponse.accessToken
}
});
// Obtain AWS credentials
AWS.config.credentials.get(function(){
// Access AWS resources here.
});
} else {
console.log('There was a problem logging you in.');
}
});
response.authResponse.accessToken is the token you can use in the Facebook API. You set the permissions you need from this user in your app in Facebook's developer console. Then, you can proceed to make API calls to Facebook.
I'm still quite new to ember and I've created a custom user signup/login system with Firebase as the backend and the torii add-on for user authentication. I've also looked around and there's plenty of tutorials/info on how to incorporate facebook login, which I have done, however that's all it does for me right now... Log you in and give you a session, but doesn't create a user in the users database that I've set up.
Whereas if you use the custom login, it creates a user model and saves it in the users database that you can retrieve. As of right now if you try to retrieve users from the database who are logged in through facebook, it gives an error since they are not in the database, even though they have a uid assigned by firebase.
So basically right now there seem to be two different kinds of users in my app, the ones who use the custom sign up and are in the users table/database, and users who sign in using facebook, but can't really do anything but log in. How do I create a user when someone signs into my app for the first time using facebook so that they have the same capabilities as someone who uses the custom sign up?
So far I have the facebook SDK loaded in an initializer and I have a button that triggers the sign in action in a controller that passes in "facebook" as the provider.
import Ember from 'ember';
export default Ember.Controller.extend({
firebaseApp: Ember.inject.service(),
session: Ember.inject.service('session'),
actions: {
signIn: function(provider) {
const email = this.get('email');
const password = this.get('password');
this.get('session')
.open('firebase', { provider: provider, email: email, password: password})
.then(function(data) {
});
},
signOut: function() {
this.get('session').close();
}
});
You must create it yourself.
Upon signing up you must catch this event and initialize tables using the uid of the users as possible key
I'm using facebook connect to authorize users on my site, but I also popup a third party service for the users.
This third party service is also using facebook connect to authorize its users.
I don't want each user to be forced to go through the authorization phase twice.
Is there a way I can ask the user to authorize the third party service when he log-in my service get some token and use it when I pop-up the third part service?
You can use Facebook SDK's getLoginStatus method to determine if the user has already authorized your app and is currently logged in. If, user logs in to your site using FB, he will not have to log in again.
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
// but has not authenticated your app
} else {
// the user isn't logged in to Facebook.
}
});
So, the user just logs in once and has to authorize the app for the first time only. You can read more about this method here.