social-auth gives "wrong" facebook id - django

I use django social-auth for facebook login and need to get facebook user id for using in facebook chat xmpp. Playing it manually, i knew that my id is 10000xxxxxxxxxxxxx but then noticed that social-auth holds another id: 77061xxxxxxxxx4
request.user.social_auth.get(provider='facebook').uid
Both of them work and redirect to my fb account when in browser but I can't use for facebook chat xmpp the one which social-auth has. Please advice.

It is not a wrong ID, since v2.0 you donĀ“t get the global ID anymore but only a so called "App Scoped ID". It is unique in one App and will stay the same, but you will get another one in another App.
https://developers.facebook.com/docs/apps/changelog

Related

Facebook login along with standard login confusion

I currently have a website with standard email+password mysql login and I have implemented Facebook Login.
I would like to keep both living together, however I have a little bit of confusion about how I should do it correctly.
In the standard implementation I check if user and pwd are correct then I log the user.
In Facebook login JS after I log the user I have id and email, how can I link it to the existing standard account safely?
After the JS login I could send an ajax request to mysql (a php script) and see if the email+id couple exists, but this way anyone knowing the email and the id of the fb account could do it through a post request and it wouldn't be safe.
What would be the right way to do it?
Thanks for any help!

facebook api, get access toling without login having user id

I'm trying to understand what is the best way to work with facebook user login. In my app in profile section it's possible for user to sync with facebook, and store it (I'm storing facebook user id in application database), and use GraphApi with provided access token in app afterwards. At this point all is fine.
But when user back to app some time later, to run some GraphApi call he need new access token, and I do not see a way how to get that access token without running user through the same facebook authentication logic with that facebook confirmation dialog.
So the question is it possible to get access token having pre-stored user id without running user again through authentication??? It's a bit weird from user perspective to see all the time that facebook dialog after he already login with facebook and save that once. Also, if facebook require always to confirm login, it seems like from app perspective it does not make sense to store id at all (any way it's possible to get it with each login)???
Also, what if I do not want for users of my app to easily change linked facebook account, but with that facebook pop up, user each time can login through different account. Is that means I need on app side afterwards compare returned id with a stored id and alert user, that he can't change already synchronized facebook account to some other?

Get Facebook app scoped user id LIKES

I know you get a users "likes" from the graph api by doing
https://graph.facebook.com/v2.10/userid?fields=likes
However this only works with Real User Ids. What I don't understand is how is my app supposed to get the users "likes" if the App can't get the real User ID?
Originally I was testing this with my Facebook account and everything worked. But I'm now guessing this because I'm assigned as a developer to the App, I was get the Real User ID.

Parse-Server Facebook login - link users with Business Mapping API?

I'm Using ParseServer with two different client applications. Since each mobile app is associated with a different Facebook app (different app names, logos...), the current Facebook policy is to issue a foreign user id for same users when authenticating through different Facebook apps.
We'd like to link those two user ids in ParseServer so they will share a single user account. Even when authenticating via different Facebook apps.
According to Facebook documentation the way to do that is by using the token_for_business or "Business Mapping API" to match two user IDs that belong to a single user.
However, ParseServer documentation does not indicate how to use token_for_business or "Business Mapping API".
We are currently using the /users (POST) endpoint for login and registration passing the authData structure for Facebook when Facebook auth is performed.
Assuming ParseServer uses the authData.facebook.id attribute in order to look for existing users once a new login request arrives, its possible to call the facebook API GET /me/ids_for_business and substitute the id in authData with a previously existing user id.
Is this a recommended approach?
Ideally, I'd like to just add my token_for_business to the authData in the login request and have Parse do the rest of the work. Is that supported?
Lastly, is it at all possible to link two facebook users in ParseServer? the authData structure does not seem to allow is as the "facebook" id section is no in any type of array - it seems there is no way to express dual facebook ids under a single user.. Is this changed at any future parse version (currently using Parse 1.6.14 in the client and ParseServer 2.2.19)
Thanks,
Ron

how to get a list of your own Facebook developer apps

I am creating a page for Facebook Fanpage Owner to login. Once they login, it'll show a list of Fanpages that they own. Which api should I use to get a list of apps/fanpages that the login user owns?
Nevermine, I know how to do it now. Basically, all you need to do is to call a
https://graph.facebook.com//accounts