I have a wordpress website and an android WebView app to access that website. On the app somehow, I have integrated firebase Authentication for Facebook and Google . And, as for the wordpress website it has its own Authentication system so, what I want to achieve is when a user registers through the app using firebase Auth system the user should also be registered on the wordpress Authentication database so that they can access or login into the wordpress website and access it. Is there a way to achieve this? Or if not, what would be the best way to let user register to the website using the app. I think I am missing something here because of my very little knowledge. But, I would be happy if someone could point me a way on how to achieve something as this. Thank you in advance.
By the time the user register through firbase Auth system and get the response, your app should send the registerred user info to the register api offerred by wordpress to register this user in wordpress system. You also need to look into the implementation of wordpress function wp_set_auth_cookie to mock the login cookie for clients, the cookie value may be part of your wordpress register api's response. After getting the cookie value, android need to manipulate the cookie and save the cookie to webview in order to auto login to wordpress admin backend system.
There is a plugin that helps Firebase users to log in to the WordPress site. Here is the official documentation: https://firebase-wordpress-docs.readthedocs.io/en/latest/auth/wordpress-user-integration.html
Basically what it does is when you log in through FirebaseUI Web, it will create a user in WordPress and log you into WordPress dashboard.
Related
I have an existing Wordpress website using Woocommerce for the store and need to add a new form to one of the pages. The form is created in Vue and will be speaking to a backend API running on ASP.NET.
Is there a way to hijack the authentication and authorization provided by Wordpress by the backend API? The only solution I can see atm is to either have the user login again (this time to the endpoints going to ASP.NET (super inconvenient for the user)) or somehow when a user logs into the main site, have the PHP script send that to an additional backend endpoint maybe 🤔
The page itself is inaccessible without a user being logged in however, it does mean the endpoints are still open to the world without authentication to the ASP.NET api
We have our website built in Laravel 3.0 framework in php. We are now developing android app for the website.
Now the question is that we haven't used oAuth or oAuth2.0 like authentication in our backend.
Now I was wondering the approaches in order to login to backend.
Display webview at the start of the app for a single time with Login URL and then use stored cookies to manage further authentication requirements.
Using custom elements for login credentials like email and password and then call the NameValuePair service to log in to the backend. (But problem with this approach is that we need to send csfr_token in with email and password that is not available to user.
Or is there any other methods or practices available to login and stayed logged in in android app for the php based backend.
I was searching a bit about this in stackoverflow and google and I found this app called SeriesGuide which uses webview to login to their backend and then stayed Logged in until Logged Out. Please guide us for the query and Pardon my informal language and english.
I am working on my first wordpress plugin and posting to facebook. I have been looking for the last few days for ways to authenticate with facebook. I have found numerous sites that use the method of having the user create an App and then input the AppID and App Secret. However, I have used plugins before that use Oauth (I think) as it opens a pop up and the user basically logs into facebook and then says this app (your wordpress site) wants to control things.
Does anyone know of any resources for authenticating with Facebook without the user having to go through the trouble of creating apps?
Examples I have found but they require APPid and App Secrets.
http://www.sanwebe.com/2012/02/post-to-facebook-page-wall-using-php-graph http://www.pontikis.net/blog/auto_post_on_facebook_with_php
My anticipation is that they set up a website and create a single app for that. Then the plugin calls that website, gets the access token, and sends it back?
The wordpress documentation is quite confusing to me.
Creating an app takes about 5min, so I don't really see an obstacle here.
IMHO there's no other way than either
Using an app with FB Login to obtain the permission to post on a user's/page's behalf, or,
Getting an access token via the Graph Explorer and use this for your plugin
Please be aware that user access tokens expire after max. 60 days.
I'm trying to implement a transient oAuth authentication for a web app I'm creating. Essentially, the user needs to login with the Service each time they visit my web app. Primarily it's to enable using the web app without me having to store any of the user's authentication data. I'm trying to use the Tumblr API.
My platform of choice is PHP. However I've never really worked with oAuth before and and am still learning. The following scenario illustrates what I'm trying to achieve:
The scenario assumes that:
The user has already authorized my application in their Tumblr account.
Using my Tumblr Consumer Key, Tumblr Consumer Secret, I call to get request_token, which I later display to the user via a link.
Now on clicking the link above, I expect Tumblr to NOT to ask user to allow the app again (authorize in their account) and simply redirect user back and returning some info that will allow me to distinguish the user. There is no $_SESSION as user is trying login to the website using Tumblr
Is this even possible? If yes, can you help me figure out how to get this done?
Ps. I'm a complete oAuth Noob so please be gentle :)
If you are trying to use Tumblr in a way similar to Facebook Connect, Tumblr does not offer this feature at the moment. ie: you can not use Tumblr to log into your site.
Tumblr's OAuth implementation will allow you to have the user allow access for your app to the users account indefinitely. Which means that your app will always be able to access the users account, whether they are logged into your site or not. They will still have to log into your site each time they want to access your app.
Here is a solid guide to OAuth. Tumblr uses OAuth 1.0 :
http://hueniverse.com/oauth/
I've created a simple Facebook app that doesn't need any data/info from users. When I try to view the app on Facebook, it's requesting permission to access my personal info.
I want the app to display without this request, for both logged in and not logged in users.
What's the code to do this?
Edit with more info:
I have a working Facebook app which I want to leave alone, I've duplicated the apps code and created a new app through the Facebook dev area. I've changed the relevant App ID, API ID and Secrets throughout the code. The original app works without any permission needed, but my duplicated version for some reason requests permission.
Simple solution is to create the app in the developers area, do all the settings to an iframe and create the application path to your website. Now in your website remove all the PHP code related to FACEBOOK GRAPH API and let it be a simple website that is independent of facebook. This will make what you want.