Facebook Authentication plugin Facebook Authentication plugin
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Facebook Authentication plugin

Started by paterczm, June 18, 2011, 12:18:32 PM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

paterczm

Facebook authentication plugin for Coppermine. This is not a bridge, it will not affect existing Coppermine users in any way - standard login and user registration is still available.

Requirements

  • Coppermine 1.5.x (tested with 1.5.12)
  • FirePHPCore 0.3.2 [1]
  • Http server with url rewriting enabled
  • Facebook account [2]

Installation
1. First you need to register your gallery as a facebook application [3]. Continue this steps when you've got Application ID and App secret.
2. Install FirePHPCore 0.3.2 [1]. This is a logging library which makes PHP development a little less annoying. You can put it in the root of your page (in /FirePHPCore).
3. Create an url rewrite rule from facebookauth.php to index.php?file=facebookauth/facebookauth.php, e.g. if your gallery is available at http://yourdomin/gallery/, create http://yourdomin/gallery/.htaccess file with following contents:

RewriteEngine On
RewriteRule ^facebookauth.php$ /gallery/index.php?file=facebookauth/facebookauth&%{QUERY_STRING} [PT,L]

If you're having problems with this step, consult Apache documentation and/or your hosting service provider.
4. Install the plugin
5. Use phpMyAdmin to set plugin_facebookauth_* configuration parameters:

  • Set plugin_facebookauth_application_id with the Application ID you got in step 1
  • Set plugin_facebookauth_application_secret with the App secret you got in step 1
  • Set plugin_facebookauth_firephp_path with relative path to Fire PHP, e.g. if your gallery is available at http://yourdomin/gallery/ and Fire PHP is available at http://yourdomain/FirePHPCore, then the default value "../FirePHPCore" is correct.
6. Open the login.php page and click the link above the login form: "Login via facebook"
7. Login to facebook, if not already logged in. Then you will need authorize the gallery to access some personal information (see facebook authentication documentation [4] for details).
8. New user account is created in Coppermine; you should now be logged in.

Why the url rewrite rule?
For some reason, facebook api doesn't like this url: index.php?file=facebookauth/facebookauth.php, even when it's properly escaped. Url rewrite rule is a way to make it work while complying with Coppermine url conventions.

Javascript Overlay Features

  • You can add links like <a href='facebook'>your text here</a> to your theme, they will be converted into facebook login links (only the href='facebook' part matters). After login the user will be redirected back to the page where the link is.
  • Usernames rendered on page will be replaced with names got from facebook. There are 3 modes, defined with plugin_facebookauth_show_names configuration parameter: 0 - no username replacing, the displayed names will be something like fb12345678; 1 (default) - replace with only first name; 2 - replace with both first and last name.
  • Add a login link on login.php page. This is defined by plugin_facebookauth_show_login property - 0 don't add the link; 1 (default) - add the link.

Security
This modification should be as safe as Coppermine and facebook authentication api.

Privacy

  • Following user information is stored in the database: facebook id, first and last name, email.
  • Due to how username replacing feature is designed, one can find names of all users who logged in to Coppermine using facebook authentication by examining the source of the page. Keep this in mind when setting plugin_facebookauth_show_names (1 will expose only first names - no big deal, 2 also last names).
  • Coppermine allows users to delete their accounts, but that does not affect information stored in plugin_facebookauth_users table (first and last name). This is because there is no hook for user deletion.

Known Issues

  • Editing comments doesn't work when plugin_facebookauth_show_names > 0. Root cause of this problem is that Coppermine doesn't differentiate between username/login and displayed name. Workaround: uncheck 'Allow users to edit their comments'.

Demo
If you want to try it out, go to http://www.marek-paterczyk.waw.pl/gallery/, open any picture, then click on "Login via facebook" link below comment section. You can delete your account afterwards if you want.

[1] http://www.firephp.org/
[2] http://www.facebook.com/
[3] https://www.facebook.com/developers/
[4] http://developers.facebook.com/docs/authentication/

LaLLe

Great Plugin, but I run into trouble when trying to use it with phpbb2.0.18 bridging. Works flawlessly when bridging is off.
All I get is a database query problem message.

ryansdistrict

all gone wrong !
i installed the script in the wrong way i just  uploaded the plugin without doing previous steps and here is the result
http://lebanese.in/photos/
please can u help me fix this or remove it

Thanks

paterczm

LaLLe:
I think I know why it doesn't work with bridging, I hardcoded column fields in my queries. They should be taken from bridging configuration. I didn't pay attention to this because I'm not interested in the bridging feature. Should be easy to fix for someone with bridging set up ;)

ryansdistrict:
Use plugin manager to remove it. If you want to get it to work, please execute all the steps.

profili

I'm not sure about step 2. How to install FirePHPCore 0.3.2?

paterczm

Quote from: profili on August 15, 2011, 10:57:48 PM
I'm not sure about step 2. How to install FirePHPCore 0.3.2?

Download it from http://www.firephp.org/, unpack and upload to /FirePHPCore directory on your server.

profili


profili

I'm unsure about steps 4 and 5 too.

4. Install the plugin - just install or should I activate it too? I ask because I did it and it ruined my whole gallery.

5. Use phpMyAdmin to set plugin_facebookauth_* configuration parameters: - How and where do I do this with phpMyAdmin. A step by step guide please.


Gutty

awesome plugin, im halfway through installing it, but come to a bit of a crossroads...

Quote
5. Use phpMyAdmin to set plugin_facebookauth_* configuration parameters:
Set plugin_facebookauth_application_id with the Application ID you got in step 1
Set plugin_facebookauth_application_secret with the App secret you got in step 1
Set plugin_facebookauth_firephp_path with relative path to Fire PHP, e.g. if your gallery is available at http://yourdomin/gallery/ and Fire PHP is available at http://yourdomain/FirePHPCore, then the default value "../FirePHPCore" is correct.

in phpmyadmin, there is only plugin_facebookauth_users.
should i be adding a query to put the other values in? as there are none currently.
this is what shows up for me...(see attached screenie)

Please advise what to do here...
thanks team

paterczm

Quote from: Gutty on August 17, 2011, 10:17:24 AM
in phpmyadmin, there is only plugin_facebookauth_users.
should i be adding a query to put the other values in? as there are none currently.

Hello Gutty. <cpg_prefix>_plugin_facebookauth_users will contain names of logged in users. Plugin properties can be found in <cpg_prefix>_config.

paterczm

Quote from: profili on August 16, 2011, 01:06:31 PM
I'm unsure about steps 4 and 5 too.

4. Install the plugin - just install or should I activate it too? I ask because I did it and it ruined my whole gallery.

5. Use phpMyAdmin to set plugin_facebookauth_* configuration parameters: - How and where do I do this with phpMyAdmin. A step by step guide please.

4. Yes, install and activate. How did it ruin your gallery?
5. Please look at my recent reply to Gutty.

Gutty

awesome, thanks for that. all working and looks awesome. i had to make sure my canvas url was right though. just left it blank and it worked.

maybe state in your first post that the info is in config_ section of phpmyadmin.

thanks for the plugin :p

paterczm

Quote from: Gutty on August 18, 2011, 12:25:27 PM
maybe state in your first post that the info is in config_ section of phpmyadmin.
I would, but I don't see a way to edit it now...

Martur

In step 3 I did as described but when activating the plugin no page of the gallery is loading with the error message:

Fatal error: require_once() [function.require]: Failed opening required '../FirePHPCore/FirePHP.class.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/clients/client1/web11/web/Wedding/cpg15x/plugins/facebookauth/codebase.php on line 23

Then I installed FirePHPCore from pear with success but it still does not work. I even copied the FirePHPCore directory to /usr/share/php but that did not help either...

Martur

Sorry, I meant step 2 in the above post

paterczm

Quote from: Martur on August 20, 2011, 12:42:02 PM
In step 3 I did as described but when activating the plugin no page of the gallery is loading with the error message:

Fatal error: require_once() [function.require]: Failed opening required '../FirePHPCore/FirePHP.class.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/clients/client1/web11/web/Wedding/cpg15x/plugins/facebookauth/codebase.php on line 23

Then I installed FirePHPCore from pear with success but it still does not work. I even copied the FirePHPCore directory to /usr/share/php but that did not help either...

Since cpg15x is your gallery directory, you should put FirePHPCore in /var/www/clients/client1/web11/web/Wedding/ in order for the default include path (../FirePHPCore) to work. Or you can put it somewhere else and change the FirePHPCore path with plugin_facebookauth_firephp_path setting.

Martur

I changed that but now I am running into new problems. The Login link is displayed but it is pointing to a page that does not exist. I guess it should point to GALLERY/plugins/facebookauth/facebookauth.php but instead it goes to GALLERY/facebookauth.php


paterczm

Quote from: Martur on August 21, 2011, 06:11:12 PM
I changed that but now I am running into new problems. The Login link is displayed but it is pointing to a page that does not exist. I guess it should point to GALLERY/plugins/facebookauth/facebookauth.php but instead it goes to GALLERY/facebookauth.php
Please execute step 3 from setup instructions. You'll find additional explanations in 'Why the url rewrite rule?' section.

paterczm

New version, with 2 additional features:
* Notify admin when a new cpg account is created by this plugin (plugin_facebookauth_newuser_notify property, default 1)
* Disallow first time users, i.e. facebook authentication will work only fork existing cpg accounts (plugin_facebookauth_newuser_allow property, default 1)

streetstars

Guys,

iam not getting any were here

i have done as said but iam only getting a white screen now when iam accessing the gallery site.

It is also not givng me the login via facebook option although the settings are set right.

Pls let me know what you need