I was just wondering if an app exists for Django that helps connecting all 3 social networks, imports basic info, profile picture, but most importantly pushes the post user makes to these three website accounts. I looked into django-social-auth but that just lets you register or login with these websites,not push posts.
django-allauth http://github.com/pennersr/django-allauth/ stores basic info for FB/G/Tw (and more), provides basic access to the profile picture, and stores the access tokens in the database.
Whatever you do with the access token is project specific and beyond allauth scope. For example, in order to post to the users wall you need:
The user's permission (you can do this by configuring the proper scope for the Facebook provider, search for SCOPE in the README.txt)
Once the user is logged in via FB, the access token is stored in allauth.socialaccount.models.SocialToken. Simply lookup the token for the user that is logged in.
Then, given the token use whatever method you like to post to the Facebook API on behalf of the user. E.g. https://github.com/pythonforfacebook/facebook-sdk
For some more background on the relation between a Django user and the Social* models, see:
How can I get the user's facebook id with django-allauth?
There are django apps that do what you need individually (Facebook example), but I'm not aware of one that works with multiple.
django-social-auth will get you half way there by obtaining the users information and permission to post to the social network on their behalf.
Once you have users authenticating via django-social-auth you'll have access to the users access token needed to post to respective network on their behalf.
From there, you're going to have to stitch together some additional python modules like the Facebook example above to do the actual posting.
Related
I'm trying to understand what is the best way to work with facebook user login. In my app in profile section it's possible for user to sync with facebook, and store it (I'm storing facebook user id in application database), and use GraphApi with provided access token in app afterwards. At this point all is fine.
But when user back to app some time later, to run some GraphApi call he need new access token, and I do not see a way how to get that access token without running user through the same facebook authentication logic with that facebook confirmation dialog.
So the question is it possible to get access token having pre-stored user id without running user again through authentication??? It's a bit weird from user perspective to see all the time that facebook dialog after he already login with facebook and save that once. Also, if facebook require always to confirm login, it seems like from app perspective it does not make sense to store id at all (any way it's possible to get it with each login)???
Also, what if I do not want for users of my app to easily change linked facebook account, but with that facebook pop up, user each time can login through different account. Is that means I need on app side afterwards compare returned id with a stored id and alert user, that he can't change already synchronized facebook account to some other?
Direct access to profile pictures via the Facebook graph API has recently stopped working and appears deprecated. Apparently, this now requires an access token (which requires the user to login to FB first)...
https://graph.facebook.com/{user-id}/picture?redirect=false&type=large
I'm developing a web application in JavaScript, unrelated to Facebook. I would like to offer users the option to use their FB profile picture for posts. They provide their numeric user-id which I save on our server. Until recently, my client app could use the numeric user-id in the above URL to produce a JSON response with a link to the user's profile picture.
Is there an alternative approach to getting a user's profile picture without first requiring the user to login to FB to get a client-side access token?
If They (the users) provide their numeric user-id means that you're using Facebook Login, and they at least gave their public_profile permission to your app, you can just add the App Access Token to the request and it should work.
https://graph.facebook.com/{user-id}/picture?redirect=false&type=large&access_token={app_access_token}
If you don't use Facebook Login, I see no chance to be honest.
I have an application allowing users to sign in using their Facebook and Twitter accounts. I only need a very basic information like their email address and full name. Everything works fine and as planned.
Accounts.ui.config({
requestPermissions: {
facebook: ['email'],
github: ['user:email']
}
});
But, now I need to implement a feature posting to a Facebook page and Twitter on behalf of the admin users only. So, I need to get additional permissions from specific users only.
Admin users are eligible to manage our page at Facebook. The app needs to request additional permissions to be able to post to the page. I wan't to keep those basic permissions for regular users.
How can I accomplish that?
One way you can do is,
If you know that logged in user is Admin, put the re-authenticate button in user-dashboard (or somewhere which makes sense) that will do authentication user of user for whatever permissions as required by application.
This will basically do, oauth with social service like usual and upon completion you will get aceess code and against this code get the re-newed access token from social service. (This is normal , how you basically do the oauth manually) Now, use this access token to post to social services.
For this, you will need to use node modules such as for facebook -fb_graph , for twitter- twiiter
Hope this helps
So I was going through Instagram's API and I implemented it. However it isn't as useful as I thought it would be because when trying to get and OAuth2 token a user is taken to a page to authorize them in what looks to be and effort of insuring that the user realizes that they are about to view and share Instagram content with my application. This all makes sense to me although not ideal. You can find it in detail here(Step One: Direct your user to our authorization URL).
Then I saw this press release from a company called Celtra who says they can pull the the most recent images off any Instagram feed and put them in an Ad. I checked it out and somehow they are pulling the images of other companies without this authorization page I am encountering. Basically without page scrapping I don't know how to do this with Instagrams API, and I realize scraping violates Instagrams terms of service. Does anyone have this functionality, where I can pull down images from Instagram and not take a user to an authentication page working legally as I am assuming Celtra is doing? Guidance or documentation on how to achieve this would be ideal.
Instagram recently added an endpoint that will allow you to any instagram account's photos without oauth or needing access_token, you can specify client_id and make API call to get photos.
Just register for an app account at here and add the client_id to this endpoint and make call:
https://api.instagram.com/v1/users/3/media/recent/?client_id=YOUR-CLIENT_ID
You only need access_token to get users' likes, follower feed and to like/comment/follow.
update: you need to have access_token with the new API changes, cannot
access API with just client_id anymore
To do this simply, you could authenticate your app from a dummy profile or your own personal profile and then use the access_token to request the feeds of any account. Then, when an end user goes to use your product, instead of authenticating them, you can just pull content from the Instagram API using your access_token.
I'm building up an app that should allow the user to sign up / sign in with Facebook and then he should be able to login (always via Facebook) to the "main" website
To be honest it's a bit more complicated than this. That's because I'm using django-tastypie and django-allauth in the main website to allow sign up, login, and browsing of our API
Basically I want to make the mobile app user browse the tastypie API (accessible only if logged and if you're an user in the main website) and grant him the rights to add rows (like orders)
Here's what I have
A phonegap app with a working Facebook login (I'm working on that right now)
A website with django-allauth and django-tastypie that makes me register as a new user using the allauth's Facebook login
No trace on the main website if the mobile user is doing a sign up via Facebook (this is the problem)
I'm basically confused how I should work with access tokens and how to pass further parameters (I don't need only the Facebook infos to complete the registration, but some custom fields too)
Anyone got experiences on this or would like to expose his workflow?
One common way of doing things is to leave all registration related functionality up to the website. In your phonegap app you can simply point the user to /accounts/login/ using the In-App-Browser (IAB). The IAB has events like loadstart and exit that you should monitor. A simple way of monitoring whether or not the user is successfully logged in is to have him redirected to a specific url, say /accounts/login/complete/, at the end of the login. If you attach a token to that return url (as in /accounts/login/complete/?token=123) you will be able to parse that token in your app. You could simply use the session ID as a token.
A more secure way is to use the django-oauth2-provider app and actually implement a proper oauth handshake. Handling that is almost the same. Using IAB open /oauth/authenticate/, you will be asked to login using allauth, then an oauth2 confirmation dialog appears, after which the oauth grant code is passed to a success URL. You can pick that code up from phonegap and using AJAX calls from within the phonegap app you can fetch the oauth access token. Btw, django-rest-framework has builtin support for django-oauth2-provider (don't know about tastypie).
A completely different approach is to implement a Facebook login in your mobile app, completely independent from the web site. Once logged in you'll be handed over a Facebook access token. Now, you can send this token over to the web site. Given the token, the website can fetch the user (https://graph.facebook.com/me?access_token=...), check whether or not that user is already known, if so return an appropriate token/session for that user, if not, create the user account and also return a token.