I have a special use case I can not solve. When the user click on Facebook Connect and find an similar email in my DB. I want to ask the user if the account belongs to him.
If the answer is yes, he needs to connect with his account and then add the Facebook ID in the DB.
If the answer is no, I create a new user in the DB and log in.
I don't find the best way to do this. Can someone help me ?
In controller you can check whether email exists in DB or not using fos user bundle user manager
$user = $this->get('fos_user.user_manager')->findUserByEmail($email);
After user confirms, you can use implemented facebook provider to do necessary action.
between,
I have a question for you,
"If the answer is no, I create a new user in the DB and log in."
how do you create a new user with same email (assuming email is unique)?
Related
I'm working on a Node js project using Firebase. Currently, I store several User fields in the database under their email address. (Users > Email Address > (five different fields)). One of these fields is the user's password.
In my Reset Password workflow, I have Firebase send the User a reset password email. After the user goes through the link in that email, they successfully change their password and can now log in with their new password. My question is how can I grab that new password, and update the Users > Email Address > password field in my database right away? Currently, this field is holding the old password that doesn't have any use any longer.
I don't believe we will need this field for the project, but I want to keep it updated for now in case another member on my team needs it. Thank you
My question is how can I grab that new password, and update the Users
-> Email Address -> password field in my database right away?
By using the standard reset password email mechanism proposed by Firebase you cannot "grab" the password.
You would need to implement your own mechanism as explained in the "Create custom email action handlers" page in the doc.
As evocated by #Kiran in his comment, storing users' passwords in your Firebase DB (Firestore or the RTDB) can be dangerous: you should take care that they cannot be read by some malicious users, typically by using security rules.
It can make sense, from a specific business/admin/organisational reason, to store users' password in a Firebase DB but then you should correctly protect them.
How to implement a before filter that asks to confirm a user password to access some routes?
I'd see this when using Laravel (password.confirm middleware) but I could find similar for Symfony.
Thank you.
I can't comment so #alessandro_podo.. I'd try eventlistener but I don't know how to redirecto to login page and back to the current route. #KMAHY that's not what I need.. I don't wanna check isGranted I want to ask for user to enter username/password even if he is logged in.
I've been trying to find a way to figure out if a user is already created with the same email in Firebase, and it doesn't seem like it is possible.
This basically means I will need to save the email for every user and check in the Firebase database if the email is there already.
Is there really no other way?
I see all these posts with... how to link a user with another auth provider, but there is no way to know if the user with the specific mail exists already...
You cannot link an existing account to another account. You can only link a new account to an existing one. If you wish to check if an email of a new account already exists before either creating it or linking it to the existing account.
You can call https://firebase.google.com/docs/reference/js/firebase.auth.Auth#fetchProvidersForEmail
If the email provided already exists, it will return an array of the provider ids. You then sign in the user to the existing account and link the new account to it.
fetchProvidersForEmail will work as expected when multiple accounts per email is disabled in Firebase Console(default behavior unless you are migrating from Firebase v2).
I'm looking for a basic explanation of how could I do this with symfony2, since there is no decent documentation in the web about this. I know how could I do the process with plain php, but I don't know where to start with symfony2.
Any help would be really appreciated, guys.
Thanks!
To clarify what I'm looking for: once the user completes the registration process, send an automatic email with a link to activate his account
FOSUserBundle has this feature by default.
You can do it on your own:
Create a user specific secure hash and store it in the database at registration.
Send an email to user containing a link with that hash: myapp.com/signup/token/..(token here).../
Create the relevant route to the controller that will check the hash, pass the token in the url to the controller as variable.
Check if the hash is correct in the controller and do the relevant action.
I have a registration-login system on my own website yet I want to add Facebook Connect too. I have some required parts of my user table as:
Username
Password
Email
The first thing that came to my mind is, setting userId as username, userId#facebook.com as email and setting the password to null and check if a record exists with these details in my user table. If not insert a new user with these details, if exists return that user details.
Is this a good design? How should I connect facebook connect to my website?
Thank you
I would suggest you to take this into a more deep ASP.NET, and start an MVC project
then use the Microsoft Facebook API SDK to play around with the API, it's very easy and because they are using the new dynamic type, now that Facebook changed the Open Graph, it will continue to work great as well.
in your login page, add a facebook login button and ask for permissions, for example:
<fb:login-button perms="email" size="medium">
redirect-uri="http://yourdomain.com/FBLogin/"
Subscribe using Facebook</fb:login-button>
in your FBLogin controller, login the user using the FB credentials, if the user uses your normal form, use the normal login
If you create a custom MemberShip Provider, you can easily use that for both accesses... I write a simple start to a custom Membership provider here