android - Handling User Auth (via Facebook) and secure communication within an app -


maybe following sound somehow wierd , have false assumptions hope can condone on this.

just brief introduction want achieve:

right developing app needs backend storing user specific data (eg images, comments, etc). want rid off user authentication , want use facebook functions, too, let facebook authentication stuff , create user based on id/email receive after have authenticated.

let's brief describe flow:

  1. user opens app , not logged in (the facbook sdk handle session , persisting cookie on own).
  2. user authenticates via facebook.
  3. app sends id server. server return if there id existing , therefor app show kind of registration (domain specific form) or login user immediately

and comes tricky part not sure how handle this.

as api of backend public (https) need somehow assure if user logged in before able data via app.

it not enough "oh, app has validated user, noone else call backend". how can backend verify api-consument authenticated facebook login? want avoid can call our rest service facebook id has persisted on device.

keep in mind: not want assign password user when authenticated facebook.

maybe have kind of wierd thinking in use case, enlight me! answers , shared knowledge in advance. looking forward!!

if make server fetch user info using access token can this:

  1. do client side oauth authentication , receive access token
  2. send access token backend , user info including facebook id facebook api using token
  3. the server store hashed id (cookie = id + ":" + hash(id + secret)) in http cookie
  4. do registration/login thing
  5. on each request backend of server validate id cookie recomputing hash secret , comparing value cookie

Comments

Post a Comment

Popular posts from this blog

How to mention the localhost in android -

i trying call localhost in android application. unfortunately not possible used several methods emulator local host http://10.0.2.2/android/dbconnection.php and network ip address http://192.168.1.xx/android/dbconnection.php also http://localhost:8080/android/dbconnection.php but nothing connected localhost. purpose refer stackoverflow answers not working i facing same problem when worked on localhost. referred stackoverflow answer got solution create new emulator works fine in new emulator.
Read more

php - Calling a template part from a post -

i include iframe within post in wordpress. located inside content of post, meaning cannot in post template file, otherwise either before or after. i'd add facebook plugin within posts: <div id="socialwrap"><div class="fb-like" data-href="http://onlinearizonahomes.info" data-send="true" data-width="450" data-show-faces="true" data-font="arial"></div></div> i thinking of calling template part within post <?php get_template_part( 'social' ); ?> cannot use php within post without plugin (i'd avoid using plugin this). an alternative using javascript create html in post, seems unnecessary use of javascript. what best way add html within wordpress post? you can use shortcode. add functions.php function cudjex_fbshare( $atts, $content = null ) { global $post; $link = get_permalink($post->id); return '<div id="socialwrap...
Read more

c# - String.format() DateTime With Arabic culture -

check below code snippet, namespace testdateconvertion { class program { static void main(string[] args) { datetime testvalue = new datetime(2013, 12, 15, 15, 33, 44); cultureinfo culture = new cultureinfo("ar-sa"); string stringvalue = string.format(culture, "{0:d} {0:hh:mm:ss}", testvalue); console.writeline(stringvalue); console.readline(); } } } it gives output 22/02/35 15:33:44 i not getting how possible. whats 35 doing in output there that's 13/12/2015 in hijri, 35 means 1435 in hijri, default date format saudi arabia.
Read more