For starters, I am on Ubuntu 14.04.
When I try to connect my username to the server and it asks for logging in with social network, I am unable to do so.
For "Login With Facebook", the page ends up going to facebook and a pop up displays saying:
App Not Setup: This app is still in development mode, and you don't
have access to it. Switch to a registered test user or ask an app
admin for permissions.
So, I guessed the facebook app wasn't set up properly and created a new user using Twitter. But logging in with Twitter fails as well. The OAuth goes through but when coming back to the app it says:
We were not able to match your social media account with this
username. Ensure your username is correct or the social media login
method is correct. Please close the browser and try again.
The link for "Or visit the Code Rally community for more details!" doesn't work either and I can't comment on any of the blog posts.
I am running out of social network logins so please advise what to do. Also, one thing to note is when I signup, I signup with a different email than the social network one, would that have anything to do with it?
which server are you trying to login on? (NA/EU/BR/IN/CN etc).
I'll go check the Facebook setup now to make sure I've not missed something, however it will help me narrow down the issue if I know which server is having issues.
The reason you can't login with Twitter on your ID is that it will already be associated with your Facebook ID which you registered with on InfoQ's contest site. To use Twitter you'll need to re-register a new ID on InfoQ's site and link it to your Twitter account (although I'd prefer to fix whatever is messing with the Facebook login).
edit
Looks like there was an issue in our Facebook OAuth config - it should be fixed now :-)
Related
Message: You've successfully authenticated with Facebook. Click the Register button to finish logging in.
but the email not showing.
I follow the instructions from here.
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/facebook-logins?view=aspnetcore-6.0
But it doesn't work. How can I solve it?
Please login facebook and find the personal settings, make sure this account has binded the email information.
Check the facebook app's status, it must be reviewed by Facebook can check more details.
I can’t seem to find anything about changing actual user settings with the twitter api. I see ways to change the account “name”, but that is not the same as the username.
There is no API method for doing this. A user will need to use the Twitter website or app settings in order to change screen (user) name.
Currently when using instagram access token by the url "https://www.instagram.com/oauth/authorize/?client_id=[id]&redirect_uri=http://localhost:3000&response_type=token&scope=public_content" I have such an error
"This request requires scope=public_content, but this access token is not authorized with this scope. The user must re-authorize your application with scope=public_content to be granted this permissions."
I observed the internet and found that scope query part should be added to the end of API URL. That is how I constructed my url. But as you see it resulted in error.
I tried to find out the reason on app permissions page. There is a button "Start submission". I clicked it and got the list of radio buttons. But when I clicked on " I want to display my Instagram posts on my website." then I got:
You do not need to submit for review for this use case. If you are a developer and you want to display Instagram content on your website, then you do not need to submit your app for review. By using a client in sandbox mode, you can still access the last 20 media of any sandbox user that grants you permission.
So I finally got lost. Looks like the solution is pretty simple because in instafeed.js plugin no more information is provided. But I can not resolve it by myself.
change your scope to basic should work.
The link has 'public_content'
https://www.instagram.com/oauth/authorize/?client_id=&redirect_uri=http://localhost:5000&response_type=token&scope=basic
Let me start by saying I really like Deployd. I want to use it in production, but I want to incorporate OAuth and social logins, so I installed the dpd-passport module. It works great, except for two little (big) problems:
When a user signs in via an OAuth provider (e.g. Facebook, Twitter, Github) a new user record is created...but if the same user clears their cookies or uses a different browser to log in, a new user record is created.
If I do something clever (read: hacky) and assign users with social logins an ID based on the socialAccount and socialAccountId (something unique but constant for each social account), someone could use the standard method of user creation to spoof a user by making a POST request to the /users endpoint if they knew that user's socialAccount and socialAccountId.
My question is: How can I A) prevent #1 from occurring, or B) disable the standard method of user creation without also preventing OAuth user creation?
Has anyone ever successfully used Deployd and dpd-passport in production? If so, I want to speak with you...
Thanks in advance!
First of all, I think you haven't added the custom fields per the docs.
https://www.npmjs.com/package/dpd-passport#requirements
I hadn't either, and observed the new user feature (because it couldn't lookup the response from the auth service to find the user from before). Adding these fields fixed it.
Also, there is a google group here:
https://groups.google.com/forum/#!forum/deployd-users
Hope that helps.
Yesterday I created a new Ghost Blog website from the Azure website gallery. The installation there asks for Gmail account and passwords, and like any security fanatic I gave my personal gmail account information (mistake #1).
Everything went nicely and got the blog up and running in no time.
Moment went and I got an email from Gmail saying that there has been suspicious log in to my gmail account from Taiwan. Google blocked this login and I made quick password change.
Today I repeated everything, but created new account to gmail to test things out. Same thing happened, but this time the login was from unknown location.
I scanned my computer for keyloggers and didn't find any.
Is it just Google being cautious and warning that the Ghost is trying to send mail and performing login while doing it? Or are those passwords leaking? They are in clear text format in the ghost configs?
Edit:
Screen capture of the Ghost Setup in Azure
To my knowledge this seems totally normal Azure configure step.
The password is stored in clear text in the config.js file, but that is just fine because the file is not accessible from the web.
The reason why GMail complains might be that, in order to send mail, Ghost has to log in to your account with your password. In this case, requests are not coming from your personal computer, but from the Azure server that is in a data center somewhere.
But it's probably not the best idea to ignore the warning, because somebody might have actually breached your account. I would simply use another service for Ghost (like Mailgun).