Posted on: 04/06/11 03:14pm
By: ::Ben
I start to reed
geeklog wiki about OAuth[*1] .
To activate OAuth support there are several steps.
First you must go to the Configuration Admin panel:
Configuration > Geeklog > Users and Submissions > Users > User Login Method[OAuth]
Set this option to "true". Just below this configuration option you will find the other OAuth settings. Currently Geeklog supports logging in via Facebook, LinkedIn and Twitter via OAuth. For each of these three login methods you will find an option to enable it and two text boxes for you to enter an Application Id and Application Secret Key (see below to find out how to get an Id and Secret Key). Each of these items needs to be filled out before the login button for it will be enabled. Once you have filled out the required information remember to then save the configuration changes.
Other requirements needed to enable Geeklogs OAuth Login process is you must have the PHP extension OpenSSL loaded on your web server.
When you log out, you will see one or more new login buttons in your site's User Functions block, below the normal login options
So everything is set: User Login Method[OAuth], Application Id and Application Secret Key, SSL support for PHP is enabled:
SSL Support => enabled
OpenSSL support => enabled
OpenSSL Version => OpenSSL 0.9.7a Feb 19 2003
but when I log out I do not see a new login button.
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/06/11 06:59pm
By: Laugh
I have OAuth enabled on my test 1.8.0b1 site fine so something must be missing in your install...
If you upgraded from a previous version of Geeklog you will also need to include some new pear libraries. These libraries are included with the 1.8.0b1 download.
You could also open up and check out the function SEC_collectRemoteOAuthModules in lib-security.php. That is where all the checks are done before the OAuth login buttons are displayed (every thing from OPENSSL to finding the required template files).
Tom
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 06:38am
By: ::Ben
Do we need a loginform_facebook.thtml file in the layout folder?
From lib-security.php line 1767
$thtml = $_CONF['path_layout'] . 'loginform_' . $mod . '.thtml';
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 07:22am
By: Roccivic
Just login_oauth.thtml is required, I think.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 07:24am
By: ::Ben
Ok I can see the image now and I can log in. I forgot to allow user registration
Allow users to change their username will be necessary because the account I created with login from facebook give a login name like 100001018010901
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 09:49am
By: Roccivic
Quote by: cordisteOk I can see the image now and I can log in. I forgot to allow user registration
Allow users to change their username will be necessary because the account I created with login from facebook give a login name like 100001018010901
Ben
From an email from Tom some time ago:
Tom:
That's the name of the Facebook account (LinkedIn are weird as well).
The user can change it after if they want (the option has to be turned on in the config though).
Rouslan:
Maybe it should be on by default? Is there any reason why this may be a bad idea?
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 10:41am
By: ::Ben
Why could we retrieve the facebook account name to set the login name after checking it is a unique one?
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 11:10am
By: Laugh
I know only certain information can be retrieved due to privacy settings. That is the id that Facebook sends us for the account. I am not sure if the "account name" can be retrieved though.
I would put a feature request in the bug tracker and if I have time I can take a look at it. You could also contact contact ivy at Geeklog.jp to see what she says since they did develop the original hack for Geeklog.
Tom
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/07/11 11:44am
By: ::Ben
Tom,
The full name for the account I created on my test site was nicely set by facebook with my facebook account name.
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 04/08/11 08:50am
By: Laugh
Actually the Full Name is from Facebook's Real Name field. I would think we would want the Facebook Username field here.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 11/16/12 03:33pm
By: masodo
Quote by: LaughI have OAuth enabled on my test 1.8.0b1 site fine so something must be missing in your install...
If you upgraded from a previous version of Geeklog you will also need to include some new pear libraries. These libraries are included with the 1.8.0b1 download.
You could also open up and check out the function SEC_collectRemoteOAuthModules in lib-security.php. That is where all the checks are done before the OAuth login buttons are displayed (every thing from OPENSSL to finding the required template files).
Tom
Thanks Laugh for pointing me towards function SEC_collectRemoteOAuthModules in lib-security.php.That is how I discovered that I was not seeing the [Login with Facebook] button because I had "User Submission Queue?" set to True.
I was afraid when I saw Facebook was using OAuth v2 and GL is OAuth v1, but the Facebook requirement for legacy support is built-in to Geeklog. It's working like a charm on my GLv-1.8.1.
http://BlogDogIt.com[*2]
Re: How to set Facebook OAuth in Geeklog?
Posted on: 06/25/14 11:19am
By: Anonymous (nice_idea_but_I_cant_use_it)
I want the Facebook OAuth usage (and have set it up) but it wasn't working because User Submission Queue was set false (there really should be something in the Geeklog Oauth wiki that warns people of this).
But why? I'd love to have the Facebook login but there's no way I can set the queue to false.... with all the latest captcha stuff working I still get an obvious spammer every day try to sign up. There's also a person (serial pest) I choose to block as well.
So disappointing, I was excitedly telling my fellow writers how we'll get more interaction from our readers with the facebook login.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 06/25/14 06:16pm
By: Laugh
Yes the user submission queue has to be disabled (we currently cannot add remote users to the submission queue). The docs should be updated with this information and I have just updated the wiki.
You can set the user submission queue to false in the Geeklog configuration.
Tom
Re: How to set Facebook OAuth in Geeklog?
Posted on: 06/26/14 10:30am
By: Anonymous (nice_idea_but_I_cant_use_it)
Any plans on fixing that in future GL versions? It's going to prevent me using this otherwise really nice feature.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 06/26/14 07:49pm
By: Laugh
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/01/14 10:56am
By: worldfooty
I definitely want to allow the facebook login but when I turned it on (and thus had to turn off user account request queuing) I went from 1 spam sign up per day to about 10.
I've got GL 1.8.2 and latest captcha with the slider. So not sure if they are bots getting through or just human spammers. Note they aren't using the facebook login, they've just pounced on not having to be queued (presumably one got through and passes the info on or does multiple accounts themselves). A lot are email addresses of the form AbSurname@yahoo.com (i.e. capital, lower case, Surname) but I've seen plenty of other domains over time.
I had a look and my reading of it is that you've already requested this yourself (but no one assigned). At least, to send oauth requests to the queue, so presumably that means allowing the queue and oauth to coexist.
I'll trial this for a few more days but looks like it's just letting way too many spammers through. Or is there something else I should also employ against them?
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/01/14 12:11pm
By: Laugh
It can be done but it will require a few changes. Basically we will have to check not only the user table but the user submission table when seeing if an oauth account exists. If it doesn't exist we will also have to save the new account to the user submission table if so required. We would also need a page explaining to users that tried to login with oauth that they got added to the submission queue for the website. They will still be logged into the oauth service (like Facebook) but not to the Geeklog site.
The regular Captcha doesn't work with Remote logins because the buttons are links to the providers who do the main authentication.
When using the oauth services (or any remote login service really) you are already saying that you trust accounts from this provider. Of course this is the ideal world and we all know that Facebook and Google+ is full of spammer profiles.
This feature will get added at some point but I know I do not have anytime until the fall to work on Geeklog.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/02/14 09:09am
By: worldfooty
What you describe is a full solution, i.e. forcing oauth users to go on the queue too. I'd be happy just to have a partial solution that assumes facebook users are legit but still forces normal sign ups to be queued.
I'm getting about 1 fake email address sign up every hour. None of them are oauth/facebook. It's purely regular sign ups. Strangely no spam from them yet (i.e. nothing from them in submissions).
Unfortunately if I set them all banned rather than deleted I'm going to have a massive database of banned users.... at this rate 5000 in a month.
Meanwhile no one logging in using facebook as yet, so I guess I should just disable it and remove the issue.
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/03/14 08:48pm
By: Laugh
Everyone has a Facebook account, I would leave it if you can.
Even with the slider you are getting one spam user an hour? I found the slider captcha to be a real good deterrent.
You should upgrade to Geeklog 2.1.0 beta 1 if you can. The Spam-X plugin does a much better job at blocking spam posts and users. (I can't remember if Geeklog 1.8.2 uses the SFS module or not).
Tom
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/04/14 05:04am
By: ::Ben
Brett,
You could also give a try to the monitor plugin. A new tool is available in
version 1.2[*4] to auto ban IP of users trying to abuse the user creation, the contact form of user profile and the captcha plugin.
Ben
Re: How to set Facebook OAuth in Geeklog?
Posted on: 07/04/14 07:31am
By: worldfooty
As mentioned, it was more like 1 per day but when I stopped the queue it went to 1 per hour (even though not oauth sign ups), so presumably (?) one got the auto approve and fed that info back to the same system which has upped the frequency. Maybe they are all humans working for the same "business".
I'll look at the monitor plugin.