I am using C# to get FB tokens. So once I redirect user to this link:
https://graph.facebook.com/oauth/authorize?........
it opens a new page instead a popup (FB javascript SDK, which I am trying to avoid).
There is 'display=popup' in that query, which doesnt work. I also tried to 'window.open(...),
but some browsers block such popups with blockers...
Is there a way to open an original Facebook popup, and then go back to C# code behind to do all the magic..?
Have a separate page for managing Facebook login. Open the same from a main page with something like this
window.open(""../Helper/FBLoginMgr.aspx?login=fb", "_blank","height=900,width=800,menubar=0,resizable=1,scrollbars=1,status=0,titlebar=0,toolbar=0");
in FBLoginMgr.aspx in Page load event you could do this:
if (Request["login"] != null)
{
//First time
url = "https://graph.facebook.com/oauth/authorize?client_id={0}&redirect_uri={1}&scope=offline_access,read_stream,user_activities";
Response.Redirect(string.Format(url, app_id, redirect_url));
}
if (Request["code"] != null)
{
//Second time
url = "https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}";
..
The initial querystring parameter login=fb is just to indicate to the Login mgr that it has just been launched and need to initiate Facebook authorization. The second Request["code"] is a parameter posted by Facebook upon authorization by the user.
Once the access token is retrieved, set a hidden variable to indicate that the job is done. Then in the aspx page you could have something like this:
$(document).ready(function () {
alert("Time to say good bye");
if (document.getElementById('<%=amidone.ClientID %>').value == "yes") {
window.parent.opener.doneWithLogin();//Indicate to the parent page
window.close();
}
});
Related
I'd like to redirect user to the main page after successful login, so I don't want him to have a back button or be able to get to the login page again.
I have redirected user to the login page with something like this:
if (isAuthenticated)
{
MainPage = new General.Pages.MainPage();
}
else
{
MainPage = new Account.Pages.Login();
}
I'm using this code for successful login, which doesn't work and gives an exception:
await Navigation.PopAsync(false);
await Navigation.PushAsync(new General.Pages.MainPage());
The given exception is:
System.InvalidOperationException: PopAsync is not supported globally on Android, please use a NavigationPage.
And no need to mention that the mentioned NavigationPage doesn't work neither.
I just figured it out, you can change MainPage at any point using this code:
App.Current.MainPage = new General.Pages.MainPage();
I leave this post to be, if it can possibly help other users.
There are 2 ways you could approach this.
Set you App.MainPage initially in the constructor of App.cs as your home page. Then in your home page's OnAppearing event or if it has a ViewModel then its Initialising method check if user is authenticated. If yes load his data. If not the show your Login page as a Modal. Once login is successful, you can pop the modal of login page and load the data for the home page. Also if required you can handle the back button event in the login page to not allow the user to go out of the modal page.
Drawback - The home page would be visible for a second before the login modal shows up.
In the constructor of App.cs check if the user is authenticated. If user is authenticated then show home page by setting it as the MainPage. Else set the MainPage as login page. Once login is successful again set the MainPage.
Drawback - Checking isAuthenticated in the constructor might make the initial load of the application seem slower.
And for the error you encounter is because you did not push any pages into the navigation stack. Hence your pop wont work.
var firstPage = isAuthenticated ? new General.Pages.MainPage() : new Account.Pages.Login();
MainPage = new NavigationPage(firstPage);
If you will use
mentioned NavigationPage
properly, PopAsync will work.
I have created a page that loads a page based on an ID you pass from a previous page. However, I don't want someone to be able to just enter the .aspx page manually into the address bar. I only want the user to be able to view this page if they clicked the button that got them there. I have heard of Document.Referrer, but I am not using any Javascript in my pages and this does not provide enough security. Are there any built-in functions or tricks to achieve this?
Thanks in advance!
I would look at the cross page post:
http://msdn.microsoft.com/en-us/library/ms178139(v=vs.90).aspx
Specifically you can check for it: (FROM MSDN):
if(PreviousPage != null)
{
if(PreviousPage.IsCrossPagePostBack == true)
{
Label1.Text = "Cross-page post.";
}
}
else
{
Label1.Text = "Not a cross-page post.";
}
You could try checking HttpContext.Request.UrlReferrer (Request.UrlReferrer on MVC). If they enter the URL directly it will be null. If they are sent from another page it will have the referrer URL.
When the user clicks on the paybill (secure page) option, he/she is prompted to log-in & then be redirected to the account page. I am using Page.ResolveUrl in the Login_Authenticate method. Once logged in, if the user navigates to any different page on the website & then clicks on paybill again, I check the Identity.IsAuthenticated status in the page load and depending on this I again redirect the user to the account page. I want to know if this is the right way or if there are any best practices for doing this as this involves a lot of server calls. Can I do this functionality using the LoggedInTemplate in the asp:LoginView or Javascript? I have the code for your ref...
protected void Page_Load(object sender, EventArgs e)
{
//to directly link user to account if it's authenticated
var userauth = System.Web.HttpContext.Current.User.Identity.IsAuthenticated;
if (userauth)
{
string urlredirect = Page.ResolveUrl("~/" + SiteConfig.PageMappings["ACCOUNT"]);
Response.Redirect(urlredirect);
Server.TransferRequest(urlredirect);
}
}
You don't need to do both the Redirect and the TransferRequest. Response.Redirect sends a 302 to the browser to tell it to access a new page. Server.TransferRequest causes the request to be handled in a different Page within the existing request. If you're doing authentication, you likely want to scrap the current session and start over, which means just using Response.Redirect. I use Response.Redirect in circumstances like this. I also think it's useful for the user to see they've been redirected to another page for login (as well as being useful for page caching and back/forth navigation in the browser. w.r.t to authentication and login).
I have set up the SDK on my FB application but for the life of me cannot work out why the redirection happens.
The app is an IFrame so, for testing I have two pages, on page one a link to page two, when I click the link the whole page is redirecting as opposed to the IFrame src redirecting.
Both pages are checking to see if the user is logged in with the following code..
protected string requiredAppPermissions = "user_about_me,email";
protected FacebookApp fbApp;
protected CanvasAuthorizer authorizer;
protected void Page_Load(object sender, EventArgs e)
{
fbApp = new FacebookApp();
authorizer = new CanvasAuthorizer(fbApp);
authorizer.Perms = requiredAppPermissions;
if (authorizer.Authorize())
{
}
}
I have had a look in source and can see this in the FacebookAppRedirectHttpHandler, I just can't understand why you would want to keep redirecting the full page for every navigation link?
The most important reason is that Facebook passes the authentication to the signed_request to the source on every request. It either does this with a POST in the body or with a GET in the querystring. The reason we do this is because cookies aren't 100% reliable. If we redirected inside the iframe we would have to store the user's session in a cookie. Some browsers, including safari, don't let iframe apps create cookies. There are ways around this, but for most people the way we have it works best. If you want to have a redirect inside the iframe without changing the top url you will have to save the session in some way and pass it to the second page. You could do this by adding it to the querystring (complicated) or storing it in the Session (not very scalable) or using cookies (not reliable).
i have one asp.net project. In this i used session for logged user. If i open a popup window and waited upto session expire. Then i got one error page that describing about the session expiration and redirect to the login page. but the login page open in the same popup window. My requirement is to open the login page in Main window. What changes that i will make for that?
if (Session["IsSessionValid"] != null)
{
//Some lines of codes
}
else
{
Response.Redirect("SessionError.aspx");
}
As far as i know i think we can use javascript to load the parent window with a new url
Write a function for the popup window.onclose event
In that function, you can refer the parent window from which you have opened a popup,
window.opener.location=url //replace the url of ur wish