How to post with twitter API from client side - javascript

I am looking for a method to let the user:
sign in with twitter (I have setup this already)
post a tweet from my website
upon success, return the ID of the tweet
How can this be achieved?
The issue I see is that a user needs to setup a client id and so forth to automatize this (see: http://videlais.com/2015/02/28/how-to-create-a-basic-twitterbot-in-node-js-using-twit/)
Is there a way to bypass this by requesting the user one time read and write rights?

Related

Facebook messenger account linking, how to use it?

There are 4 easy steps described in the documentation about account linking for the messenger platform:
Register a callback URL using Log In Button.
Messenger Platform invokes the registered URL when a user starts the account linking flow. The redirect_uri and account_linking_token parameters are appended to your registered callback.
Once linking is complete, redirect users to the location provided by redirect_uri and append a authorization_code parameter (defined by you) to confirm linking.
Optionally retrieve the user's page-scoped ID (PSID) using the account linking endpoint. This step should only be used in special cases when you need the user's PSID as part of the linking process.
These steps are very easy to follow, except there's no help whatsoever on how to actually link the account, I get the redirect_uri and the account_linking_token as parameters on my callback website where I enter the account login and password.
And then, I link the accounts...? How exactly?
What's the use on this button? I know it is supposed to link accounts, but what do I need the account_linking_token for? I can already send in a regular web_url button the user psid, I can easily send it on my login button as a parameter and link account to this psid if credentials are correct.
I strongly believe there's something I'm missing or something I'm not understanding, but I don't know what. I followed the steps, called the account linking endpoint to get the PSID, which I already had since it is how I send messages with my bot, but I don't really see the point on this button.
So, what am I missing? I'm so frustated.
Just been through a similar bit of head scratching, so will explain what I've done while it's fresh in my head
For my example, I wanted Facebook to redirect out to my main login page, which is an open id connect implementation. The customer signs in to this, and I get an id_token and access_token back from that. Upon receiving the access_token, I'm extracting the 'sub' claim from the JWT, which is the unique customer identifier in our database.
I'm then redirecting back to the value that was sent to me in redirect_uri, appending authorization_code={the-value-of-the-sub-claim}
This then triggers the 'account link' webhook, which will Post to my service code, containing the PSID of the Facebook user and the authorization_code, which is my unique customer id in my business database.
You now have the 2 bits of information you need, the unique facebook id and your unique customer id in the Post message. It's up to your business code to persist this information to some sort of storage at this point
On subsequent message posts to the Bot endpoint, you always have the sender (PSID) in the message. Your code can now look up the corresponding id specific to your business and perform operations relevant for that id.
Where the linking takes place - that's in your code, you need to handle the message from the account link webhook and store the data for future use.

Using mod_scorm_insert_scorm_tracks

I'm interfacing my App with Moodle and I'm successfully calling mod_scorm_get_scorm_sco_tracks and mod_scorm_get_scorm_attempt_count via Ajax (XMLHttpRequest) for a given user (userid).
Now I want my App to push some SCORM tracks back to Moodle.
So I'm trying to use mod_scorm_insert_scorm_tracks but with no success.
The problem is that this method does not take an userid parameter, so I don't understand how to use it (and if I try to add userid to input params I get an invalid parameter exception).
I had kind of success (no error message) by sending this:
scoid=206&attempt=2&tracks[0][element]=cmi.completion_status&tracks[0][value]=completed&tracks[1][element]=cmi.interactions.0.id&tracks[1][value]=multiplechoice_page_1_1&tracks[2][element]=cmi.interactions.0.learner_response&tracks[2][value]=White&tracks[3][element]=cmi.interactions.0.result&tracks[3][value]=correct&tracks[4][element]=cmi.interactions.0.description&tracks[4][value]=Which%20color%20was%20Garibaldi's%20white%20horse%3F&tracks[5][element]=cmi.interactions.1.id&tracks[5][value]=hotobject_page_2_1&tracks[6][element]=cmi.interactions.1.learner_response&tracks[6][value]=butterfly&tracks[7][element]=cmi.interactions.1.result&tracks[7][value]=incorrect&tracks[8][element]=cmi.interactions.1.description&tracks[8][value]=Where%20is%20the%20fish%3F&tracks[9][element]=cmi.score.max&tracks[9][value]=2&tracks[10][element]=cmi.score.raw&tracks[10][value]=1&tracks[11][element]=cmi.score.scaled&tracks[11][value]=0.5&tracks[12][element]=cmi.session_time&tracks[12][value]=PT0H0M15S&tracks[13][element]=timemodified&tracks[13][value]=1480947821&tracks[14][element]=userid&tracks[14][value]=26&tracks[15][element]=scoid&tracks[15][value]=206&wstoken=69f2471506c4c49ff47cd0de0c4c9f01&wsfunction=mod_scorm_insert_scorm_tracks&moodlewsrestformat=json
However, since I cannot specify the user those data belongs to, my user's attempts does not update (as predictable).
This is the response from Moodle:
{"trackids":[44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59],"warnings":[]}
I've tried inserting the userid info into traks (tracks[14][element]=userid&tracks[14][value]=26) but still no luck.
So, the questions are:
Which user are those tracks inserted to considering that I'm calling it from an external app, so there's no logged in user in Moodle?
How can I specify that those tracks are for a give userid?
the user identity comes from the HTTP Context of a full login into Moodle: you can't provide SCORM tracking info on behalf of any user but the actual logged-in user.
More at:
https://github.com/moodle/moodle/blob/d33c67bc4744f901bf389607cfbbb683ef1c7d80/mod/scorm/classes/external.php#L451
https://github.com/moodle/moodle/blob/0b8e0c374f89ca20e5b9e7c9370761810811edc6/lib/externallib.php#L481
HTH,
Matteo

Securing accountsystem from external changes

I just started my own little project with HTML5, PHP and Node.js.
Currently everything works just as i want it. But something came to my mind after checking the code. My website is supposed to be an auction house. I store the userid in my database and have the id as an id tag on the website.
Here is the problem. If someone now bids on the items, i just simply take the id and send it to my node.js server. Technically someone could just change this id to the id of another person registered. Currently i have no real solution to this problem, since this is my first website.
I thought about maybe inserting the phpsessionid cookie into the user database everytime the user logins and then send these with the userid to the database everytime he bids on an item. The node.js server would then compare the stored value with the send one to verify if the right user send the bid.
My question is now, is this a good solution or is there a better way?
Edit:
Some of the code:
<li class='dropdown' id='steam' title='".$steamprofile['avatarmedium']."' name='".$steamprofile['steamid']."'>'><span class='caret'></span><ul id='profilenav' class='dropdown-menu'><li><a href='?logout'>Logout</a></li></ul></li>;
So this is the part that gets created once i login with openid
var steamid=document.getElementById("steam").getAttribute("name");
socket.emit('status added',{itemid:id, tmerid:timerid, steamid: steamid, avatar: avatarlink});
This is how i get the userid and send it to the node.js server

SignalR Content Specific Notifications

I am using SignalR for notifications in my web site but i couldn't find a way to send notifications according to the page/content.
Let me explain in details.
Assume that, there is a page for showing a record from database (for example a blog post).
So there is only one page for showing posts as it should be.
And every post has a like counter which i want to update via signalr notifications, if another user clicks like button. Until here, it is very easy to accomplish.
This page contains a javascript code block like below
var notify = $.connection.notificationHub;
notify.client.updatePostLikeCount = function (likeCount) {
$("#likeCount").text(likeCount);
};
And this function triggered from server-side like below (it is in another class instead of Hub class)
var context = GlobalHost.ConnectionManager.GetHubContext<NotificationHub>();
context.Clients.User(user.Id).updatePostLikeCount(likeCount);
But a user might open more than one post; so if a notification is sent from server-side all opened tabs receive this notification and update its counter.
I looked for .Caller method but it is not available in IHubContext interface which GetHubContext() returns and couldn't find another way.
To summarize, i want to send notifications to users who had opened the post which user liked.
EDIT: After sending question i got an idea. Continue sending notification as being and filtering according to the content at client side. It is not very good but i think it will work with charms.

Is it possible with facebook-php-sdk to post to a user's wall without leaving "via" in the status update?

[My Goal:]
I want to provide users with a facebook login button on my site with a FORM for them to fill out
that will post status updates to their wall from my site so they don't have to leave my site to goto facebook.
[The Situation:]
I'm using the facebook php Software development kit found here:
https://github.com/facebook/facebook-php-sdk
The examples/with_js_sdk.php demo script works for displaying the user's account information.
I have edited it so it posts a new status update to the user's wall with "testing this api' by making the following changes to the script:
$user_profile = $facebook->api('/me');
$facebook->api(
array(
'method' => 'users.setStatus'
, 'status' => 'testing this api'
, 'uid' => $user_profile['id']
)
);
The login button reads:
[My Issue:]
The issue I have with the above is that, unlike a user actually posting to their wall manually, posting via the api includes a link to the api that posted it.
Thus their post on facebook would look like:
is testing this api
4 seconds ago via MyAPINameWithALinkToThePageIDontWantPeopleToKnow
I don't want the API to include the "via" part in the user's status update on their wall.
[My Question:]
Is what I want, as far as leaving out the "via" part in the user's post, possible through the facebook api?
[What I've Tried:]
I've tried looking through the facebook api documentation.
I've tried googling this question and found similar questions:
https://stackoverflow.com/questions/12756777/remove-app-name-in-app-post-feed-using-facebook-javascript-sdk
http://www.vbforums.com/showthread.php?658541-Facebook-omit-quot-via-app-name-quot-from-Wall-posts
Seems to be hopeless...
then I found that this isn't possible via feed dialog. So I used Open Graph actions to accomplish this.
Use this for making your app smart :)

Categories