I am trying to implement the user ID feature in Google Analytics to track user behaviour across devices. I know that the client ID gets cleared once the user clears the ga cookie.
What happens to the user ID in this case? Is it tied to the authentication system and hence not dependent on the cookie? Can someone throw some light on this?
You have to generate a unique user id for ervery user and store it.
Everytime the user logs in to you site, you have to set correct the user id.
Take a look to this document.
Google Documentation
The id that you will pass should be a unique id from your system that persists.
If the user clears their cookies, it will not matter because the user id will reset once they access a page next time.
Related
I'm trying to understand what is the best way to work with facebook user login. In my app in profile section it's possible for user to sync with facebook, and store it (I'm storing facebook user id in application database), and use GraphApi with provided access token in app afterwards. At this point all is fine.
But when user back to app some time later, to run some GraphApi call he need new access token, and I do not see a way how to get that access token without running user through the same facebook authentication logic with that facebook confirmation dialog.
So the question is it possible to get access token having pre-stored user id without running user again through authentication??? It's a bit weird from user perspective to see all the time that facebook dialog after he already login with facebook and save that once. Also, if facebook require always to confirm login, it seems like from app perspective it does not make sense to store id at all (any way it's possible to get it with each login)???
Also, what if I do not want for users of my app to easily change linked facebook account, but with that facebook pop up, user each time can login through different account. Is that means I need on app side afterwards compare returned id with a stored id and alert user, that he can't change already synchronized facebook account to some other?
Currently, it is set to return to the first screen of the program when membership registration is completed in Django. However, since anyone can sign up and view information within the program, I want to make it possible to access the program's first page only after the administrator approves it when someone completes membership registration. As a result of Googling, only email verification was found, so I had to ask a question. There seems to be no admin authentication process provided by Django. Are there any similar examples or methods?
I want to make it possible to access the program's first page only after the administrator approves it when someone completes membership registration.
At first you can set the step for every registration level.
and to approve the user to authenticate the page, you can create and check status user profile.
Another way is using a django permission for an authenticated page.
you can do this, if the user completed a couple of registration and a step number, for example is 7, you can give needed permission to the user.
It's possible to use facebook info, and get some information in the local database in the userinhfo api?
Let'me explain, I get name and mail from facebook claim, and I want the userinfo api returns that information, and local information in the local user store.
Becouse I have the user facebook email provisioned in the secondary user store, if the user is in the PRIMARY user store, userinfo works perfectly, there are some way to work with secondary user store. And my secondary user store is a custom implementation of jdbc user store.
Thanks
This is possible to do. What you can do is authenticate the user using wso2 IS. Since you use custom implementation, the claim mapping should be done accordingly. If the claims are not there create custom claims.
Try to use those claims to map the Facebook user information
Or you may want to use facebook SDK to get user information.
I have a web application that I would like to add single sign on capability using user's Facebook or Google+/Google App account.
I have a USERS table that stores users login information. All users are required to have a record in this table no matter if they signed up using FB or Google+.
I am trying to figure out the information that I need to store in the database in order to link USERS table records to FB or Google information.
Facebook documentation states:
the app should store the token in a database along with the user_id
to identify it.
So should I create a table called SSO_LOOKUP with following columns:
USER_ID // user's id that links to my USER table
PROVIDER_ID // user's FB or Google account id
PROVIDER_TYPE // indicates if it is Google, FB, Twitter, etc.
ACCESS_TOKEN
For SSO login definitely you need to have your user_id and some basic details which allow you to connect to FB or google
provider: "it will be either FB or Google or anything in future"
token: "This token we receive from FB and Google. In case of FB it
expires after 3 months or so where as it does not expire for google
as per my knowledge"
token_expired:" As In FB token expires after a time so you can have
this flag in place if you need to refresh it after that duration"
user_id: "This is your User id:
uniqueid: "This is the Unique ID which you will get from FB and Google.
That helps to identify your user in FB/Google"
These are the minimum fields you can add and these will even help you to scale your app. In the sense if you want to pull or push data from google and FB at that time Access_token and unique_id will help you.
Also incase you want to see some publish source then you can see some of the code on github e.g.
django-social-auth
For some details you can refer google documentation and Google OAuth2
Hope this will help.
Technically speaking all you really need to store is the Refresh Token and some kind of flag type identifier that tells you if its a Facebook or Google Refresh Token. Then you can query the API for what ever information you need. Storing the User Id would be a good idea becouse if they logout then reauth you will still know who it is even though the refresh token has changed. anything else is kind of over kill really as you will be getting that information back from the API anyway when you make your calls.
You could if you want store there Name and most recent picture that might be nice to display before you have fetched there information. Then update any changes to your data after you access the API for the first time. But its basically up to you how you want to design things, and what kind of application we are talking about here.
I understand request.sessions dictionary and how to use this.
However, it appears that values set using request.sessions is only valid while the user is logged in.
I need to set a persistent cookie that lasts for a fixed time period and not dependent on whether the user is logged in or not.
What I would like is to store a value for an anonymous visitor to my site, and also retrieve that same value if that user creates an account and logs into the site. The value should be retriEvable if the user logs in or logs out between sessions.
Any code examples on this?
Sessions should work fine for anonymous users. What's happening to make you think it only works for authenticated users?
Aside from that, maybe take a look at deferred registration which may do what you're looking for, http://tartarus.org/james/diary/2009/07/24/implementing-deferred-registration-with-django .
As Rolo says, Sessions work when for anonymous users, but When you use the auth.logout method the session is completely wiped. In your logout view, you could call auth.logout, then add whatever data you wish to persist back into the session.