I've successfully implemented Facebook login with their Javascript SDK but was hoping that when used on mobile, the native Facebook application would launch. Will going through the manual flow here allow this behavior? This question seems to say otherwise but was vague.
I want to avoid using Android and iOS mobile SDKs because my situation is basically an OAuth within an OAuth and it would get messy. Any other approaches people think could work like redirect URIs or other OAuth magic would be really appreciated.
I am new to ember.js.
I want to know about changing url by checking platform. I have two web app for mobile view server and web view server which are created by ember.js and tornado webserver.They are same app but different ui for mobile and web. when i type the url www.something.com in mobile browser, i want to go to the url m.something.com in mobile view server automatically and if i type the www.something.com in desktop browser, it should go to web view server automatically.
I don't know how to do that. Please help me.
ember-bowser should do what you need.
I would suggest ditching the different UIs for mobile and web and go with a responsive mobile first approach using something like bootstrap
Background
I need to design a WebService REST API. This web service will be consumed from a Web page and some mobile apps (android and iOS). I will call all of them 'apps'. Apps will be developed by third parties, outside of our company. Mobile Apps requires a logged in user to display content, so it's easier for me to handle content authorization of my web service.
Web page is a bit tricky because it must provide some functionality even for non logged users, (eg: list latests products, display product details and search products), so even to non-logged in users:
It must be able to request some data (mostly /products and /products/{id} ) from my web service.
It must be able to consume /search endpoint.
Real question
I will use OAuth2 to handle authorization. On mobile apps this is not a problem, they will not be able to access any content until they get authorized, so once authorized all API will be working.
But I'm totally lost on how to handle connection with web app.
Should I leave some URL non-authorized to allow web dispatch content to non logged in users?
Should I create a special user 'anonimous' with higher API usage rate limits and tell Web app to authorize as 'anonimous' until user has been logged in ?
is there a way for mobile app developers to add FB functionality that allows you to “like” something without actually leaving the page/ app from which you are doing it in?
Yes. The Like Button is currently Facebook's only Social Plugin that is available for Mobile web apps.
How to implement it is described in Facebook's Mobile Web Tutorial.
Here is a simple example app with a Like Button.
I want to upload a file to a website via a desktop app and then take the user to the website. The website has a web service, but requires authentication as does the web site. Is there a way to do this without forcing the user to authenticate twice (once in the desktop app and once in the web browser)?
Unfortunately, you can't prefill an input of type file for security reasons, which makes sense since the user won't want you uploading arbitrary files from his/her computer. But if they have a desktop app, is there some way around this?
Or maybe make the user log into the web app first and then the authentication cookie can be reused?
Any other ideas?
Thanks,
Ben
I would use the dekstop app as a client to the website app via an api.
So, login via the desktop app. The api returns a authentication token (as Carlos suggested) which might be a md5 hash stored in your database for a certain period of time, possibly matched to the clients ip address.
The desktop app can then make calls on the api (like uploading a file) as a authenticated user (by using the auth token).
When loading the website, perhaps the url is http://website/login/{auth_token} where the auth token is added to the url. The api can check to see if its a valid auth token and consider the user logged in.
You could generate an authentication token that could later be used on the website.
It all depends on the type of authentication of the service and the site. Is it integrated Kerberos, WS-Auth, is it Basic/Digest HTTP, is it forms/cookie ?
This answer will most likely not work in the very general users-on-the-wide-open-web scenario, but in intranet contexts, using Windows Authentication (on an ASP .Net solution), would provide this.