There are two API. The first is responsible for the authentication user, the second for a local project. Local project does not create an account. How to enable the user to log in local project using the first API?
Maybe
On the client login window appears, enter the login password. Dispatched at the API project:
api.project.com/login .....
API project sends data to the authorization API
api.сompany.com / login .....
If everything is fine - it returns "OK", and then issues a token API project and the client has been working with it.
The goal to make a common account for all projects. But how to implement API - I do not understand
Thanks!
Related
I have a webservice created in PHP/MySQL. I have also created a simple RESTful API for the webservice and what I want is, to create an iOS app (in SWIFT).
What I need is a system for users to login via the iOS app.
If the user, successfully logs in via a web browser, a session starts so it keeps the user authenticated and logged in.
If the user logs in via the iOS app, I know how to validate the user (check email/password) by making a call to my API but I have no idea how I should handle the next step after a successful login. What should be the corresponding "session" for the iOS app?
Please note that I don't want to validate a user via google, facebook or whatever, I only want to validate a user against my database.
Two possible solutions that I have read about are oauth and JWT but their purpose is not clear to me. Especially oauth looks like I should use it if I want users to login to my service via google, fb, etc.
everyone!
In my app I want to have an abily to login from account in social networks as well as from accounts registered localy and have access to the same database on my server.
What I mean:
Scenario 1:
User pressed "login with facebook"
-> Get access to application features
Scenario 2:
User pressed "login with account registred localy on my server"
-> Get access to application features
If I login from local account then it's easy to check auth data and grant access.
If I login in my app from twitter for example and got their tokens, how could I use them to access data on my server?
I found information only about how to make local login using Passport or using social services using Socialite but not both at the same time.
Well, turns out, it's actually easy to implement using only Socialite with standart auth. I misunderstood the concept of oauth so there is no need for passport at all.
I am creating an react-native-ios app that communicates with a php web app hosted on azure.
How I understand it works:
The user signs up to the app, the server communicates with auth0 server which then returns a JWT token to the php server, saves the token to the database and then sends the token back to the client-device where it is then stored on device.
The user must send the JWT token as a header whenever communicating with the server.
Whenever the user logs out the token is deleted and when signing in, a new JWT must be received.
The user can sign in via using credentials that match what is on the database or sign-in with Google or facebook.
Or is Auth0 just for signing-in with enterprises such as Google or can I use it to sign in to my app also that has login credentials on the database?
I have found the
npm react-native-lock-ios but it doesn't work the way I described above.
In summary, How should I go about this and is what I have explained above correct?
The main problem here is that you did not understand how to work with JWTs. I would advise you to take a deeper look on how this technology works and how Auth0 can help you. But, in summary, this is the workflow for authentication that you must aim:
Your user will choose one of the many identity providers supported by Auth0(e.g. Facebook, Twitter, LinkedIn, SAML, WS Federate and so on).
Your react native app will communicate directly to Auth0 API through the react native lock.
Auth0 will interface with the chosen provider and redirect the user to an authorization page in this provider (case it is needed and it is the first time the user logs in).
Auth0 will generate a JWT and send back to your react native app.
Your react native app will send this JWT to the server (usually on the Authorization HTTP header) when issuing requests to your endpoints.
Your PHP backend will check if this JWT is really valid. This is can be done with Auth0 PHP SDK.
In case the JWT sent has not been tampered (changed irregularly), your backend will accept it as the user identifier and respond the request as expected by your react native app.
As you can see the biggest issue in the approach that you thought you would follow is that the login process does not go through your backend server. It happens on your front-end app (react native) communicating with Auth0 and the identity provider chosen.
JWTs are tokens that hold information (claims) about a subject. These tokens can be validated by anyone that possess a key (public or private). That is, having this key you can validate the token and can rest assured that it has not been changed improperly.
Further more, to answer the question regarding the usage of Auth0 with credentials on your database, you can bet that you can use it. Auth0 provides ways to integrate with your own database to check the existence of a user. This is called a customer user store.
Happy studying.
Current Working Flow
I have a web app (developed in wordpress)
I am using google-drive-sdk to upload dynamically generated pdf file to a GMail account.
The GMail account has been configured in the web app giving the
secret key ....
The web app first makes the authentication ===>i.e The GDrive Account is authenticated for the first time by the GMail owner (In Google Permission window the button Allow Access is clicked)
It works fine thereafter when called from the web app - the pdf file dynamically generated gets into the configured GDrive
The Problem
PDF files gets uploaded to the GDrive only for some time.
After sometime it doesn't upload the files to GDrive.
I then tried creating a new token - It again starts uploading files but stops after some time.
This happens only in Staging server.
In my local development system it keeps working fine - uploading the file to GDrive whenever the app is executed.
The difference between both the environment is the GMail Account is different.
If you have any idea on the cause of issue or any pointers would really be helpful for me.
Your application must use OAuth 2.0 to authorize requests. All requests to the Drive API must be authorized by an authenticated user.
The details of the authorization process, or "flow," for OAuth 2.0 vary somewhat depending on what kind of application you're writing. The following general process applies to all application types:
When you create your application, you register it using the Google API Console. Google then provides information you'll need later, such as a client ID and a client secret.
Activate the Drive API in the Google API Console. (If the API isn't listed in the API Console, then skip this step.)
When your application needs access to user data, it asks Google for a particular scope of access.
Google displays a consent screen to the user, asking them to authorize your application to request some of their data.
If the user approves, then Google gives your application a short-lived access token.
Your application requests user data, attaching the access token to the request.
If Google determines that your request and the token are valid, it returns the requested data.
Some flows include additional steps, such as using refresh tokens to acquire new access tokens. For detailed information about flows for various types of applications, see Google's OAuth 2.0 documentation.
I'm currently developing an app using Laravel. What I want to do, is to link this app to a SugarCRM app.
A simple workflow could be this:
User arrives to the app (Laravel app), enters its credentials
-> Credentials are sent to SugarCRM
-> if credentials are ok, the user is logged into the Laravel app.
Long story short, SugarCRM is used for the authentication to my Laravel App.
To do this, I developed a custom driver to my Laravel app.
The problem is:
If I quote the Laravel doc about custom Auth driver:
retrieveByCredentials: This method should not attempt to do any password validation or authentication.
Laravel Auth system requires to check first if the user exists in the base, with "no attempt to do any password validation or authentication".
But to do any kind of request to SugarCRM, I must authenticate first.
How should I deal with this without writing too dirty code?
What the docs mean there is that function shouldn't validate or authenticate credentials for your application. So if that function is called it shouldn't log that user in, but just return their credentials.
Its fine to authenticate to your external service so you can interact with their API.