Facebook login integration questions

7 posts, 0 answers
  1. Matt
    Matt avatar
    17 posts
    Member since:
    Jun 2015

    Posted 17 Sep 2015 Link to this post

    Morning!  We're trying to integrate our custom login and user tables and include Facebook login/logout.  we wrote the app using AppBuilder and it's intended platforms will be iOS, Android, Windows phones and eventually browsers (we'll integrate our website using the same approach later).

     i'm slowly going through the steps to enable FB login and came up with several questions that i can't figure out.  i hope they're easy and i'm just not getting it.  any help is appreciated.

     1) i attempted to use teleriks Friends sample to integrate, though we are not using Telerik user tables for login.  when i set up our FB app using Facebooks instructions (and some instructions from telerik found on some forums), we selected to leave our app in development mode (not submitted to go live or anything).  Using FB's interface, i set up Test Accounts/Testers and was hopeful i could use them to test getting emails and other info back from FB once i had a token.  unfortunately, when i run the getAccessToken function, log in using a test-account credential (all in the emulator), i'm given a facebook error of 'not allowed to see this app due to it is in development' error.  okay, so i start going through the facebook application process...in the mean time, i'm running the emulator to test against my personal live fb account but the emulator keeps remembering i logged in before.  how do i wipe that out?  my app isn't storing the initial token, when i log in to the test account, there isn't any app associated that i can 'block' or disable, where is this token stored and how do i get it out of memory?

    2) same as above, when applying with facebook, do i identify all the different platforms like desktop (for browsers), mobile, etc. or since i'm using Telerik to develop, does it not matter?  i seem to remember the post i referenced to do the initial fb app setup said not to choose a platform...

    3) my initial approach, since we have our own internal account verification steps i have to follow, is to use telerik's 'getaccesstoken' function to capture a token and may even use 'loginWithFacebook' which would create a telerik user account with FB token and no user/pass just so i can not write my own FB token gathering/verification on our servers...is this kinda dumb?  it feels kinda dumb so i won't be offended ;-)  are there better practices anyone would recommend?

     

    sorry if these have already been answered and thanks in advanced for any pointers and suggestions.

     

    Matt

  2. Matt
    Matt avatar
    17 posts
    Member since:
    Jun 2015

    Posted 18 Sep 2015 Link to this post

    okay...did some aggressive testing and work arounds on this.  figured out a few things...

    i was using the windows appbuilder and emulator to test.  it caches locally (in browser? on local drive?) tokens gathered by the getaccesstoken function.  kept using that and i couldn't get rid of it.  when i tested the facebook-api sample using telerik platform, it works.  it also works with test accounts that have been assigned to the facebook app.

     i decided we will not use telerik's user-account facebook login steps but instead the jso.js functions for facebook provided by their facebook-api sample.  since we have our own login requirements and user/pass stored on internal servers (not telerik), i think this will reduce any user account issues that may come up -- or at least any problems with user accounts will be in one place.

  3. Tina Stancheva
    Admin
    Tina Stancheva avatar
    3298 posts

    Posted 22 Sep 2015 Link to this post

    Hello Matt,

    I am glad to see you found a more suitable approach. Since you have login requirements using the JSO library to initiate a login operation in the InAppBroswer seems like a better approach.

    If I am not missing anything, the only issue left is with the AppBuilder Windows client simulator. Usually clearing the Local Storage of the simulator is all it takes to remove any temporarily hold data. However, I ran a quick test with the Facebook Sample app and clearing that data doesn't log you out. I will need more time to further investigate this behavior before I can suggest a solution.

    Please accept my apology for the delay and don't hesitate to let me know if you have other questions I can address when I write back.

    Regards,
    Tina Stancheva
    Telerik
     

    Visit the Telerik Verified Plugins Marketplace and get the custom Cordova plugin you need, already tweaked to work seamlessly with AppBuilder.

     
  4. Matt
    Matt avatar
    17 posts
    Member since:
    Jun 2015

    Posted 22 Sep 2015 in reply to Tina Stancheva Link to this post

    thanks for continuing to look into that particular problem.  at one point i deleted the entire blackdragon folder contents and wiped all facebook related cookies and passwords saved from my google settings.  don't know which of those two steps did it (probably wiping the blackdragon folder...) but the next time i ran the emulator, i was prompted to provide a facebook user/password again.  however, in my continuing tests, the emulator still auto-uses whatever credentials it captured that first time after i wiped my setup.

     

    btw the JSO script is very useful...clean and easy to implement.

     

    thanks,

    matt

  5. Ivan Ivanov
    Admin
    Ivan Ivanov avatar
    42 posts

    Posted 25 Sep 2015 Link to this post

    Hi,

    I will try to summarize what we found after our research.

    Once you login in facebook and give access to the facebook application created in the facebook developer portal you receive access token which is stored in the local storage of the browser. If you delete this token you won't have access to the facebook APIs that require authentication and you will have to get a new one. When you try to get a fresh token from facebook the user is still logged in and he already have given a permissions to your facebook application so you directly receive access token.

    The user stays logged in facebook because the browser stores a cookie but you can see it from the developer tools' resources tab. You can see only the resources for your current domain which in our case is local://simulator (you can't see the cookies saved for facebook.com).

    Currently we don't have functionality to delete all cookies so you should do it manually by following these steps:
    1. Close all running instances of the AppBuilder Simulator
    2. Delete web browser cache folder -  %localAppData%\Telerik\BlackDragon\Cache\WebBrowserPackage\WebBrowserCache

    We will discuss if implementing an out of the box cache cleaning is possible in the AppBuilder Simulator, as this will allow users to delete all cookies and saved cache there.

    If you have any further queries feel free to ask.

    Regards,

    Ivan Ivanov
    Telerik
     

    Visit the Telerik Verified Plugins Marketplace and get the custom Cordova plugin you need, already tweaked to work seamlessly with AppBuilder.

     
  6. Matt
    Matt avatar
    17 posts
    Member since:
    Jun 2015

    Posted 30 Sep 2015 in reply to Ivan Ivanov Link to this post

    howdy again,

    so, we are moving to device testing using the jso facebook token management.  unfortunately, i seem to be experiencing the same caching of login credentials issue i had with the simulator described earlier.  here are the steps i tried:

     

    1) made a 'Release' version using AppBuilder for Windows for Android.

    2) loaded on my Samsung S6 phone (after uninstalling any previous versions of the app and removing any files).

    3) first time i ran and logged on to facebook, i'm prompted with username/password as expected.

    4) after jso.wipe() to wipe tokens and such (only function i know of to wipe out credentials for this application), i log in with facebook again and it immediately displays the account permissions confirmation screen -- no username/login screen.  just like before, the app is keeping my login info to facebook (cookies and such as you described, right?).

    5) as you described, i wipe out the app (uninstall, etc.) and re-install from scratch and i get username/password again.

     

    as you mentioned, i'm assuming the inapp browser is retaining cookies or whatever facebook credentials in its own cache or local settings that i can't wipe out via the app.  is this true?  is this what you're looking at and not just the appbuilder simulator?

     

    thnx,

    Matt

  7. Ivan Ivanov
    Admin
    Ivan Ivanov avatar
    42 posts

    Posted 02 Oct 2015 Link to this post

    Hi Matt,

    After some further investigation, I managed to find a way on how you can perform facebook logout in your code.

    Basically, you should invoke a call to https://www.facebook.com/logout.php and to pass next(redirect url) and access_token in the query string of the url. Then, you should pass the web site url that is registered for your application in developers.facebook.com as redirect url and make ajax call to this url to perform logout. Finally, you can clean saved token by calling jso_wipe().

    Since this seems to be not documented officially, I attached a sample project with logout button to illustrate the approach. In addition, you can also check the topic on How to log out user using facebook SDK? in StackOverflow.

    Please let us know if this solution works for you.

    Regards,
    Ivan Ivanov
    Telerik
     

    Visit the Telerik Verified Plugins Marketplace and get the custom Cordova plugin you need, already tweaked to work seamlessly with AppBuilder.

     
Back to Top