everyone!
In my app I want to have an abily to login from account in social networks as well as from accounts registered localy and have access to the same database on my server.
What I mean:
Scenario 1:
User pressed "login with facebook"
-> Get access to application features
Scenario 2:
User pressed "login with account registred localy on my server"
-> Get access to application features
If I login from local account then it's easy to check auth data and grant access.
If I login in my app from twitter for example and got their tokens, how could I use them to access data on my server?
I found information only about how to make local login using Passport or using social services using Socialite but not both at the same time.
Well, turns out, it's actually easy to implement using only Socialite with standart auth. I misunderstood the concept of oauth so there is no need for passport at all.
Related
I am working on one project in Angular and PHP, I want to make login on Azure using ADAL (Azure Active Directory Library).
It is possible to do that without popup login Microsoft something like pass only username and password or client secret and to get the token for future request?
The way Azure authenticates external websites is through OAuth 2.0 which requires the user to login to their account on the Azure servers and then give your website authorization code so that you can request an access token to complete the OAuth flow.
It isn't secure to capture the user's Username and Password on your website and then send through to Azure, therefore they do not let you do that.
More explanation of the oAuth flow: https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code
I have a webservice created in PHP/MySQL. I have also created a simple RESTful API for the webservice and what I want is, to create an iOS app (in SWIFT).
What I need is a system for users to login via the iOS app.
If the user, successfully logs in via a web browser, a session starts so it keeps the user authenticated and logged in.
If the user logs in via the iOS app, I know how to validate the user (check email/password) by making a call to my API but I have no idea how I should handle the next step after a successful login. What should be the corresponding "session" for the iOS app?
Please note that I don't want to validate a user via google, facebook or whatever, I only want to validate a user against my database.
Two possible solutions that I have read about are oauth and JWT but their purpose is not clear to me. Especially oauth looks like I should use it if I want users to login to my service via google, fb, etc.
There are two API. The first is responsible for the authentication user, the second for a local project. Local project does not create an account. How to enable the user to log in local project using the first API?
Maybe
On the client login window appears, enter the login password. Dispatched at the API project:
api.project.com/login .....
API project sends data to the authorization API
api.сompany.com / login .....
If everything is fine - it returns "OK", and then issues a token API project and the client has been working with it.
The goal to make a common account for all projects. But how to implement API - I do not understand
Thanks!
I'm currently developing an app using Laravel. What I want to do, is to link this app to a SugarCRM app.
A simple workflow could be this:
User arrives to the app (Laravel app), enters its credentials
-> Credentials are sent to SugarCRM
-> if credentials are ok, the user is logged into the Laravel app.
Long story short, SugarCRM is used for the authentication to my Laravel App.
To do this, I developed a custom driver to my Laravel app.
The problem is:
If I quote the Laravel doc about custom Auth driver:
retrieveByCredentials: This method should not attempt to do any password validation or authentication.
Laravel Auth system requires to check first if the user exists in the base, with "no attempt to do any password validation or authentication".
But to do any kind of request to SugarCRM, I must authenticate first.
How should I deal with this without writing too dirty code?
What the docs mean there is that function shouldn't validate or authenticate credentials for your application. So if that function is called it shouldn't log that user in, but just return their credentials.
Its fine to authenticate to your external service so you can interact with their API.
I'm writing an iPhone app which works against my own server.
Basically, it's a forum where users can post. I don't want users to sign-in for an account on my server but I rather prefer them to login using any existing account they have: Facebook, Linkedin, Foursquare, etc.
So from the app itself, I want them to be able to login using their existing account which will then allow them to post on the forum.
My question is that: when a user is posting a message, how can I verify whether or not he is logged in with any service? I need to validate it both on the client and server side. I plan on writing the server side using PHP.
Thanks
See this question for a similar discussion (just limited to Facebook sign on). Here's a high-level overview of what should happen (taken from that discussion I linked to):
User opens the app on the phone. Chooses a service with which to authenticate.
Authenticates via one the available services (Facebook, Twitter, foursquare, etc.) and gets some special access token.
Your app takes the token and sends it to your server.
Your server receives the token and validates it. It checks it against the service's API and (at least for Facebook and Twitter) get the corresponding user ID.
Assuming a valid ID, your server checks if user ID has already been used by some user. If so, it logs them in. If the user ID hasn't been created, your server creates its own user record associated with that user ID and logs the user in. In either case, the user ends up logged in and your server issues a session key to your app.
The session key is used for all further communication between your app and your server until the user logs out.
On the phone, you're going to want some OAuth library to allow users to authenticate with another service. You'll probably want to use the Facebook iOS SDK to allow them to use Facebook and use one of the suggested OAuth libraries here for your other authentication services. I have only used the Facebook SDK, so I can't speak as to the general OAuth libraries.
Once logged in, the phone should not store the access token, only the session key.
Assuming that users can use more than one service to access their account, you will also want some way of connecting two services to the same user (probably by email address).
It's up to you to decide how your app and your server communicate. I'd go for a JSON+REST API for communications with the server.
Another option to get your users to login using multiple services is Socialize (www.getsocialize.com). It's an open source SDK that manages your users and authentication so you don't have to implement all the steps that cbrauchli has outlined above.
I was exploring if better/easy to use/implement options exist in 2020 using third party libraries to allow login with social accounts. And found two options:
AuthorizeMe - https://github.com/rubygarage/authorize-me & https://rubygarage.org/blog/authorizeme-ios-libary
Auth0 - https://auth0.com/learn/social-login/ & https://auth0.com/blog/using-centralized-login-to-add-authentication-to-your-ios-apps/
AuthorizeMe supports:
Facebook
Twitter
Google
Instagram
LinkedIn
plus custom providers
Auth0 supports:
Facebook
Twitter
Google
Microsoft (Windows Live)
Yahoo
Instagram
Amazon
LinkedIn
Github
PayPal
vKontakte
Yandex
Box
Baidu
Ren Ren (Xiaonei)
Weibo
Shopify
Wordpress
Yammer
SoundCloud
and custom providers as well
Disclaimer: I am not affiliated with Auth0 or AuthorizeMe.