i have a little problem with Meteor and Twitter.
All i want to do is posting a tweet through a click on a button. For this I have to authenticate myself over Oauth to the Twitterservice.
At the moment i am doing the authentification in a really complicated way springing from client to server and back. But now I found the function Meteor.loginWithTwitter. Originally I thought this function is only for logging you into your own application with the Twitterkeys, now i am not so sure anymore. Probably I can also use it for my problem. Because it seems that the Oauth-Process is completely (and in a simple way) implemented in Meteor.
Sadly i cann't find any documentation or examples for just logging in and getting the final oauth_token. And so all i got from Meteor back then i try the following code, is this errormessage:
Erromessage: Accounts.ConfigError {message: "Service not configured"}
Meteor.loginWithTwitter( function(err){
if (err){
console.log(err)
}else{
console.log("yeah");
}
});
I know i have to enter somewhere my Appinformation like the Consumer key, but i have no idea where. Can someone help me out and knows some examples for me? Or knows if i am even on the right track?
Thanks and greetings
Philipp
The easiest way of doing this: Add the accounts-ui package:
meteor add accounts-ui accounts-twitter
and in your template do
{{loginButtons}}
On the first start of the application, a click on the login button will guide you through the setup process. You will create a Twitter application and copy the consumer key and consumer secret into a form, that meteor presents you. Afterwards you can log in using Twitter.
Make sure to use the latest Meteor version (0.5.2 at this moment)
You can also config your consumer key and secret with code, this is an example with weibo but its work for twitter, google etc... (server side) :
// first, remove configuration entry in case service is already configured
Accounts.loginServiceConfiguration.remove({
service: "weibo"
});
Accounts.loginServiceConfiguration.insert({
service: "weibo",
clientId: "1292962797",
secret: "75a730b58f5691de5522789070c319bc"
});
You need to add what #Tom31 suggested in your server side, i.e., I have a /server/server.js
Accounts.loginServiceConfiguration.remove({"service": "twitter"});
Accounts.loginServiceConfiguration.insert({
"service": "twitter",
"consumerKey" : "<yours>",
"secret" : "<yours>"
});
Finally, your access token are stored in your user at the database but this information it is not propagated to the client and, if you want to have access to it, you new to create a server side method and access it through Meteor.call or Meteor.apply
Updated: Example of my server side method
I've created my server side method like this:
Meteor.methods({
...
userGet: function(id) {
return removeSensibleFields( Meteor.users.findOne({ _id: id }) );
}
...
});
where removeSensibleFields is a method to remove all unnecessary/private information that may not be sent back to the client
Related
I am currently working on a Sessions Server for a company project.
My problem is, I cant find any help to accomplish, that I can do javascript HTTP calls from a javascript server running with http.createServer() and server.listen(8080, ...) to my Angular Server, which is hosted with ng serve running on localhost:4200.
What I want, respectively need,is something like mentioned below in pseudocode:
In my Angular TypeScript file I need something like:
private listdata = new Array<string>();
ngOnInit(){}
constructor(private http: HttpClient){
this.http.listen(method: "POST", address: "http://localhost:4200/data", callback: => (data){
this.listdata = data;}
)
}
So that my Angular Application (Server) can receive REST calls from another Server.
In my JavaScript file I want to do smth. like:
http.post("localhost:4200/data", data, httpOptions);
So in the end, my javascript server running on localhost:8080 sends data to my angular server running on localhost:4200.
I tried to read me through several sources, containing HttpInterceptors etc. but couldnt find a simple solution for Noobs like me.
Is there an easy way, so that my automatically builded and hosted Angular Server can define routes it listens to and process the data directly for frontend use?
Thanks in advance :)
I think you have to read documentation again
In my opinion or am using like that when calling rest.
2.1 Rest function have to write in httpService.service.ts
2.2 Rest I used to HttpInterceptor to login OAUTH it will check auth guards,
then token expired you check easy way.
3. last question: You asking like roles something, you want to show components different users? yes you can manage routing,
https://www.thirdrocktechkno.com/blog/how-to-integrate-interceptor-in-angular-9/
this is my first post so please go easy on me!
I am a beginning developer working with javascript and node.js. I am trying to make a basic request from a node js file to facebook's graph API. I have signed up for their developer service using my facebook account, and I have installed the node package for FB found here (https://www.npmjs.com/package/fb). It looks official enough.
Everything seems to be working, except I am getting a response to my GET request with a message saying my appsecret_proof is invalid.
Here is the code I am using (be advised the sensitive info is just keyboard mashing).
let https = require("https");
var FB = require('fb');
FB.options({
version: 'v2.11',
appId: 484592542348233,
appSecret: '389fa3ha3fukzf83a3r8a3f3aa3a3'
});
FB.setAccessToken('f8af89a3f98a3f89a3f87af8afnafmdasfasedfaskjefzev8zv9z390fz39fznabacbkcbalanaa3fla398fa3lfa3flka3flina3fk3anflka3fnalifn3laifnka3fnaelfafi3eifafnaifla3nfia3nfa3ifla');
console.log(FB.options());
FB.api('/me',
'GET',
{
"fields": "id,name"
},
function (res) {
if(!res || res.error) {
console.log(!res ? 'error occurred' : res.error);
return;
}
console.log(res);
console.log(res.id);
console.log(res.name);
}
);
The error I am getting reads:
{ message: 'Invalid appsecret_proof provided in the API argument',
type: 'GraphMethodException',
code: 100,
fbtrace_id: 'H3pDC0OPZdK' }
I have reset my appSecret and accessToken on the developer page and tried them immediately after resetting them. I get the same error, so I don't think that stale credentials are the issue. My
console.log(FB.options())
returns an appropriate looking object that also contains a long hash for appSecretProof as expected. I have also tried this code with a number of version numbers in the options (v2.4, v2.5, v2.11, and without any version key). Facebook's documentation on this strikes me as somewhat unclear. I think I should be using v2.5 of the SDK (which the node package is meant to mimic) and making requests to v2.11 of the graph API, but ??? In any case, that wouldn't seem to explain the issue I'm having. I get a perfectly good response that says my appSecretProof is invalid when I don't specify any version number at all.
The node package for fb should be generating this appSecretProof for me, and it looks like it is doing that. My other info and syntax all seem correct according to the package documentation. What am I missing here? Thank you all so much in advance.
looks like you have required the appsecret_proof for 2 factor authorization in the advance setting in your app.
Access tokens are portable. It's possible to take an access token generated on a client by Facebook's SDK, send it to a server and then make calls from that server on behalf of the client. An access token can also be stolen by malicious software on a person's computer or a man in the middle attack. Then that access token can be used from an entirely different system that's not the client and not your server, generating spam or stealing data.
You can prevent this by adding the appsecret_proof parameter to every API call from a server and enabling the setting to require proof on all calls. This prevents bad guys from making API calls with your access tokens from their servers. If you're using the official PHP SDK, the appsecret_proof parameter is automatically added.
Please refer the below url to generate the valid appsecret_proof,and add it to each api call
https://developers.facebook.com/docs/graph-api/securing-requests
I had to deal with the same issue while working with passport-facebook-token,
I finally released that the problem had nothing to have with the logic of my codebase or the app configuration.
I had this error just because I was adding intentionally an authorization Header to the request. so if you are using postman or some other http client just make sure that the request does not contain any authorization Header.
I'm implementing invite people in my app, I want to use googgle contacts,
If I use accounts-google package for authenticating the user, It will be complex process, beause I don't want to store user information,
I just want one time auth, so I'm searching for client side solutions,
var url='https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/contacts.readonly&client_id=5558545-3n8vg6u4nu2hm1gmuj1dbjib28p33qss.apps.googleusercontent.com&redirect_uri=http://localhost:3000/_oauth/google&response_type=token'
var newWindow = window.open(url, 'name', 'height=600,width=450');
on click of invite button I'm calling this it is working well, but how to read the accesstoken returned by this window.
I can't find how to do this?
I tried using HTTP method
HTTP.get(url, {}, function(e,r){
console.log(e,r);
});
but it throwing error, It is not working.
HOw to read accesstoekn from popup? or Is there any alternatives to do that?
window.location.hash contains the fragment part of the URL.
I have done this.
If u need the sol let me know, cos its little long. But I did with no package and raw implementation
I'm using v0.10.
Simple blueprint request for a messaging app (my model is named message)
var socket = io.connect('http://localhost:1337');
//initiate the request
socket.request('/message', {}, function(users) {});
socket.on('message', function(m){
console.log(m)
});
Using postman to to delete a message sends the delete to the client, however create does not send anything. Thank you.
UPDATE:
created this repo to reproduce the issues: https://github.com/jamescharlesworth/testProject
Take a look to http://beta.sailsjs.org/#/documentation/reference/Upgrading search that page for "socket" and there you'll find the differences on sails 0.10.
The most important one now is that instead of the "type of message", the first parameter of the "on" is the model. As it was previously used to call "message" to one of the types of messages, perhaps there is a remaining bug or something that filters your "message" model notifications when creating.
Have you tried naming your model different? Just to validate that the issue is with your model's name.
Additionally: if you want some transparent binding of models into an angular app, you can do it seamlessly with angular-sails-bind:
https://github.com/diegopamio/angular-sails-bind
I made it for my own project and then decided to put it as a separated library so everybody could benefit and I could have my first experience developing a bower package.
I hope it could help you.
In your example, you are using autosubscribe: ['destroy', 'create', 'update'],
while in sails 0.10 they have with "ed":
The events that were formerly create, update, and destroy are now created, updated, and destroyed.
That may be your issue.
So I'm rather new to the meteor framework and JavaScript in general, but I'm working on a little project using the framework to try and bring myself up to scratch. Basically I'm working on a micro blogging site.
At the moment users are able to log in through several services, fb, google etc. And I retrieve their avatars via the service id inserted into the needed url, all this works fine. But I want the user to be able to see their own avatar as soon as they log in which means I need to run some JavaScript right after login is successful. At this point in time I cant find anything on an onLogin style event. And have hacked together a handlebars template to run the code when a user logs in. However this code appears to only run once and if a user logs out and then back in they don't see their avatar anymore.
Does anyone know of an event I can use to do this?
here is my hacky template
{{#if currentUser}}
{{> userInput}}
{{/if}}
here is the js it calls
$('#inputAvatar').css('background-image', 'url('+avatarUrl+')');
I would really appreciate the help, I'm sure it's something simple that I've overlooked but I cant seem to figure it out!
Thanks, Peter.
I don't know if the way you're doing it is the most appropriate but personally do the following on the client side to detect if a user logged in:
Tracker.autorun(function(){
if(Meteor.userId()){
//do your stuff
}
});
If you are using google login or any other o-auth login, you can pass a callback function which will gets execute after login,
Here is the sample code.
Meteor.loginWithGoogle({
requestPermissions: ['email']
}, function(error) {
if (error) {
console.log(error); //If there is any error, will get error here
}else{
console.log(Meteor.user());// If there is successful login, you will get login details here
}
});