I am trying to get my Meteor app to save user_birthday and email in MongoDB. All I am asking for is an example for a URL that queries Facebook Graph for user_birthday and email by providing a facebook user ID and the corresponding access token. The perfect answer would be a link were I just copy my user ID and access token and it gives me my email and my birthday.
Thanks in advance :)
This would be the API call: /me?fields=email,birthday&access_token=[your-user-token]
https://graph.facebook.com/me?fields=email,birthday&access_token=[your-user-token]
Related
I am creating a flutter android app which uses google sign in. Once logged in, I recieve accesstoken and idtoken. I want to use this token to authenticate my backend which uses django social auth and
Login and return the authoken, if the user has already signed up, or
Register the user , login and return the user id and authtoken.
Is this possible ? If so please suggest any documents online or please explain how should I approach this.
Over the years of doing this again and again, I found the solution below works well for me. It creates clear understanding of who is doing what.
Basically, you need:
Django Rest framework-backed token authentication for normal API requests. Mostly your app works on this. Link: https://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication
Google or Facebook or any other login to issue an auth token in 1. Thus effectively FB/ Google shortcuts the process of typing in username and password.
This is achieved via the flow below:
New user comes in and signs in via FB/ Google
You get Fb/Google token and send it to your backend
You verify the validity of the token. Re-obtain user name and email from G/FB from the backend. Use these details to create a user account in your backend. DO NOT USE email provided from front-end for account creation (assuming email is your primary unique user identifier)
NOTE: Don't forget to check if account already exists. If it does, this is a returning user/ login and not a new user. In this case, validate and return valid Django Rest Token
Once 3 is complete, issue a Django REST framework Token in response to the request made in 3.
After 4, you have a token in your app. Use this token for normal requests.
Happy coding! Happy to answer follow-up questions.
it is possible,first you have to create your api using django Rest Framework,the link below can help you to create your backend and set a token for every user:
https://dev.to/amartyadev/flutter-app-authentication-with-django-backend-1-21cp
then you have to add social authentication to your backend,you can write it yourself or using link below to use library :
https://github.com/RealmTeam/django-rest-framework-social-oauth2
after this approach you have to create your flutter app,the below link is a useful resource to connect your backend and your flutter app :
https://www.asapdevelopers.com/flutter-login-app-with-python-backend/
I've followed the both packages documentations and using example from rest-auth doc. I've followed all the steps and I can successfully use this API to register/login user with facebook. API returns me token and user object but this token is not working with JWT authentication. But if I set this user's username in the db and then post the facebook login request again then returned token works fine. What does this social authentication process has to do with username? Is there something I need to do to properly configure it?
I am using custom user model and have both username and email for authenticating users. Please let me know if any further info is needed for figuring out the problem.
after 1.7.0 in rest_framework_jwt,it use username to query user in authenticate_credentials().But when you use facebook accessToken to login firstly by rest_auth, the user doesn't have a username.
So you will recieve a 'Invalid payload.' message.
I have this problem too.And I do this work now.
Sorry for my bad English skill.
I encounter a problem about to verify facebook user id and access token. In the app you need to register with facebook to get started. When an user get authenticated with facebook, we send the token and user_id to backend to insert into related table. But we have to know that the token belongs to the user. We saw a couple soution about it:
https://stackoverflow.com/a/8608017/1664109
And this
https://stackoverflow.com/a/20518868/1664109
So how to verify a token and user_id without send request to facebook ? Is there a way ?
based on Facebook's documentation:
as Facebook makes changes to what is stored in them and how they are
encoded.
I would say it's not possible to reliably "parse" a token.
Without sending a request to Facebook? No. But you can use the Access Token with a call to the /me endpoint. You will get the ID, and you can compare it to your stored one.
I need to get the facebook friends email ids of a user providing his login email id and password. That is, if we enter the facebook login email id and password we need to get the friends from facebook. So far i was only able to get the examples which uses Api_Key and Api_Secret. Even the Graph api is using Access Token. Is there any way to access the friends using email id and password? Please help.
This is against Facebook's Terms of Service. Specifically policy I.2:
You must not include functionality that proxies, requests or collects
Facebook usernames or passwords.
Also, you would be required to use the Facebook API which does not provide access to friends email addresses.
You'll need to ask your users to authenticate using the Facebook API. You shouldn't be collecting email and passwords on behalf of users. However, if you ask for offline access, then when you do this, you can access the data any time.
Facebook uses oAuth, so you and your application will never see the password of the user that you are getting permission for. oAuth (used by Twitter and Google as well) requires a bit of a handshake to get authenticated, but once you do, you can get permission from the user to do whatever you want, as long as they accept.
Check out https://developers.facebook.com/docs/guides/web/#login for more on how Facebook does authentication.
Is it possible to get user hometown using facebook Graph batch request for around 1000 users? What accesstoken needs to be sent and how can I get that access token?
Thanks in advance,
Ravi.
With a user access_token you can retrieve the active user's hometown if you have asked for the user_hometown permission. You can also retrieve the active user's friends hometowns if you have asked for the friends_hometown permission.
https://developers.facebook.com/docs/authentication/