In my application users can login using the social networks such as facebook, twitter, linkedin so can any one tell me how to check whether user is already logged in with the facebook/twitter/linkedin in Phone with browser or other internal Apps, My application should also be able to know that the user has logged in so that it should not ask again for the login screen, Even if the user logged in using web browser/Facebook internal App my application should be able to access those credentials and it should allow users to login with out asking for the credentials again.
How to do this.
Thank you for all hints and your help in advance!
Have you ever gone any authentication methods? This link helps you to undergo Facebook login authentication, where it asks for the permission for the first time and if user accepts, it stores all those credentials about the particular user.
Next time the person logs in, they don't want to login again. You just call the login method in startup and it automatically makes the login successful. You can also get the user informations, such as email address and basic informations and store it in your application(Isolated Storage) if the user gives access to your application and you can use it next time when the user enter into the application.
Like you can also perform authentication in Microsoft Account, Facebook, Twitter & Google w/ Mobile Services in the below link
http://code.msdn.microsoft.com/windowsapps/WP-Authenticate-Account-c7e0ef84
Related
When the App Service has "Action to take when request is not authenticated" set to "Log in with X", any webpage hit gets sent to X for user login. Once the user logs in, the user is redirected to the page where they started.
For example, when the Social login service is Active Directory B2C, and the user starts from http://example.com/admin/monitor the user is sent to https://login.microsoftonline.com/...?...&state=redir%3D%252Fadmin%252Fmonitor
In this particular instance, I do not want all webpages to require authentication. How can I send a user to .auth/login/aad and specify the redirect_uri so that it comes back to the right page? If I do not specify anything, I end up at
and the website is only the originating website.
I am looking for something like https://example.com/.auth/login/aad?return_url=blahblah - I sure hope it exists!
Incidentally, there is a "redirect_uri" in aad that goes to /.auth/login/aad/callback. It looks like redirect_uri=https%3A%2F%2Fkamelos-app.azurewebsites.net%2F.auth%2Flogin%2Faad%2Fcallback. This is different than what I am talking about. After it goes to AAD, it goes to the Azure Mobile App and posts state=redir%3D%252Fadmin%252Fmonitor along with the token.
Update. I believe I am looking for "post_login_redirect_url"
You are looking for post_login_redirect_url I do not think there's a way to assign it from within a portal.
What you have to do instead is to navigate your users to
/.auth/login/<provider>?post_login_redirect_url=YOUR_URL
Your application can trigger the same redirect itself by navigating
the user to the /.auth/login/ endpoint of your site, where
is one of aad, facebook, google, microsoftaccount, and
twitter
from: https://azure.microsoft.com/en-us/blog/announcing-app-service-authentication-authorization/
If writing additional code is not an option you can configure an advanced authentication with AAD (not sure about Google, facebook, etc)
And when you do that you can add post_login_redirect_url to a return url.
I am creating a application in C# that uses face recognition as authentication method,after logging in it gets detail from the user's facebook account.
If first user just locks the app instead of logging out from facebook,another user comes in ,do i have to logout the first user for the second user to log in ,or i can login both users in a single app?Is it possible using the facebook sdk?
You have to use session to keep track of various users who are logging in.
In short, you can have multiple users logged in at the same time, if you implement session correctly.
I have already created a form authentication application. I had User table and created a custom membership provider. My user table has relations with other tables such as roles and permissions.
I change that to work using Windows Authentication. It looks easy but I have no clue how to still be able to read permissions from my tables? some tables are related to User table and requires user id, what to do here? should I break the foreign key?
If a user is accessing the page from LAN, s/he should get logged automatically, but if they accessed the application over internet, I should allow them to login? How to do this? What passwords should they use to login (active directory or my User table)?
I hope i get simple and easy answers.
Regards
In your controllers you can use User.Identity.Name to get the users AD username. You can then add a field to your users table called ADUSername (or update the values in the existing username field) so that you can link the logged in user to the existing user record in your database.
You don't have to do anything, if the user is accessing it from an external network or any machine that is not on the domain the browser will pop up a username/password prompt.
If you use Windows authentication, the user is going to be prompted for credentials just to access your site. You won't be able to prevent that. They won't even get to your code until they are authenticated.
We've done similar things using SSO (single sign-on), though I've never tied it to Windows authentication. The idea would be that you have two apps that share user credentials and, if you are logged into one, you are logged into the other. The first app would be your normal application which supports forms-based authentication. The second would be an app that only does Windows authentication and then, upon successful login, redirects to your normal application. Since you're already authenticated, the normal application simply creates it's standard authentication cookie and takes you to the main page of the application.
Typically these work by passing a token in the URL which you can then redeem via a back channel to the SSO server (or, in your case the Windows authentication server) to confirm that the token is authentic. The response to the back channel call contains the user name and other pertinent details if the token is successfully redeemed.
A sketch of the process might look like:
Get request to protected action on site.
If not authenticated, redirect to login site without token
Your login site contains both a forms-based login form and a link to the Windows authentication url
User clicks the Windows authentication url
Windows authentication site authenticates, creates a one-time use token in DB for user, and redirects back to your login action with token
Your login action redeems the token via back channel WebRequest to the Windows authentication server.
Windows authentication server validates the token, marking it as used, then returns the username to your login action.
Your login action creates standard forms authentication cookie and continues as normal.
I'm not quite sure I understand how to integrate Facebook into my website.
What I would like to do is allow users to sign in using their Facebook credentials.
The login is easy enough - but what I don't understand is the lifetime of the login. What I'm seeing is when I login through the popup, I get logged into Facebook as well. This isn't what I would expect.
Also, when I log out of Facebook, the Facebook cookie is deleted from my website as well.
Is this the expected behavior? It seems weird that if at some point in browsing my website the user logs out of Facebook they are logged out of my site as well.
I'm working with c# and asp.net if that matters.
As I understand, you just want to use Facebook as an easy way to log in. You're not pulling information from Facebook during the session with your app?
If that's the case, I'd keep my own authentication system but make it possible to use Facebook for logging in by claiming a user's user ID on Facebook. That way, as soon as they authenticate using Facebook you can get the user object by Facebook ID from your local data store, and use that to log in the user.
Your own (Forms) authentication system will then put your own cookies on the client for authentication, so as soon they log out of Facebook they'll remain logged in at your site.
Whenever you log in to Facebook as part of the Graph API flow, you remain logged in. And as soon as you log out, you're also logged out of your site. That is expected.
If I want my Facebook connect site to access user information about a Facebook user, is it necessary for that user to be logged in?
It is necessary for them to either be logged in to facebook or for you to provide the facebook connect login.
From the Facebook Connect FAQ:
A user can begin interacting with your
application immediately. For
applications within Facebook, you
don't need to have a user authorize
your application as soon as the user
visits your canvas page. See Automatic
Authentication:
http://wiki.developers.facebook.com/index.php/Automatic_Authentication.
A user authorizes an application when
the application presents a login
screen where the user accepts the
application's terms of service and
lets the application access his or her
profile data and creates a more
permanent connection.
You can find out more here:
http://wiki.developers.facebook.com/index.php/Authorizing_Applications
If while authenticating your application from user you requested the "offline_access" Extended permission then you will have an OAuth access token that will never Expire and you can use it to fetch user information from Graph api.
usually If the application has not requested offline_access permission, the access token is time-bounded. Time-bounded access token also get invalidated when the user logs out of Facebook. If the application has obtained offline_access permission from the user, the access token does not have an expiry. However it gets invalidated whenever the user changes his/her password.
But remember facebook insist on user initiated actions.