Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Hi, the Connect button currently redirects to facebook in the main window. Is there a way to have a "popup" window instead?
Comment | File | Size | Author |
---|---|---|---|
#77 | Issue-1364698-Popup-Dialog-Login.patch | 11.8 KB | vlad.k |
#73 | fboauth.code_.1364698-73.patch | 16.19 KB | mike.davis |
#68 | lxfacebook_0.zip | 5.79 KB | altamar17 |
#66 | fboauth.code_.1364698-66.patch | 17.4 KB | mike.davis |
#63 | fboauth-popup_modal_compatible-1364698-63.patch | 15.57 KB | mike.davis |
Comments
Comment #1
quicksketchI've considered doing this, though really a full redirect is the safest way to log into Facebook as a user can always see the URL of the browser (which helps prevent phishing) while avoiding pop-up blockers and users who can only handle one window at a time.
It's definitely an option, but I don't have any plan on implementing it. Using a modal window is frowned upon from a security perspective and it's bad practice to teach users to blinding enter in login/pass into an iframe where they can't even see the URL. So popup is the only real option here, which I'm just not very excited about implementing.
Comment #2
Anonymous (not verified) CreditAttribution: Anonymous commentedOK, clear. I was used to the FB Connect module which does a popup with address bar ;) I switched to FBOauth because it's cleaner, better. I'm fine with the redirect. And maybe I'll have a look at something like this for a custom implementation,
https://apps.facebook.com/oauth-and-popup/
Comment #3
quicksketchMoving this to postponed. Really I'd say this is "by design", but I'll leave it open for others who may make similar requests.
Comment #4
grasmash CreditAttribution: grasmash commented@morningtime If you successfully created a custom solution for this, would please share?
Comment #5
grasmash CreditAttribution: grasmash commentedI managed to get a facebook login popup working with FBOauth by using facebook's Javascript SDK. I'm not crazy about it, but it works.
I thought I should post the code here for a couple of reasons:
The basic tasks that need to be performed to implement this are:
Yuck! My concerns here are that we're potentially exposing the access token in the URL.
Any ideas for improvement?
Here are the steps in detail:
1) Generate page markup (I did this via a custom block):
2) Add the javascript file called by drupal_add_js:
3) Modify the default connect button using theme_fboauth_action__connect():
4) Modify fboauth.fboauth.inc. This is the part that I don't like, but I think that it's necessary. The Javascript SDK won't return $_REQUEST['code'], which is required by fboauth_action_page() when it calls fboauth_access_token().
However, the Javascript SDK does return the access token directly, so there's no need to call fboauth_access_token(). That means we just need to modify fboauth_action_page() so that it checks for the access code returned by Javascript.
@line 36 in fboauth.fboauth.inc:
Comment #6
grasmash CreditAttribution: grasmash commentedFurther thoughts:
Facebook's oauth authentication api does allow us to pass a 'display' parameter with value 'popup' in the $_GET array. However, this does not change the redirect functionality-- it simple styles the authorization in the style of a popup.
We could use this in conjunction with Javascript to open the authentication page in a popup. I tried this, but ran into the following issue: there's no way to pass information back to the parent window, which will need to be redirected to request_uri with the $_REQUEST['code'] value.
Any ideas for getting around this?
Comment #7
grasmash CreditAttribution: grasmash commentedAck. Just realized that code from #5 only works for initial registration, not subsequent logins.
Comment #8
quicksketchThanks @madmatter23 for your insights. Could the display parameter being set to "popup" help with the problem at #1491272: Go to App vs. Login?? Maybe we should always ask for the popup version even though we're not actually doing a popup.
Comment #9
grasmash CreditAttribution: grasmash commentedI also considered setting the display to 'popup' for all requests. Unfortunately, the popup display is styled (CSS) for popup display. Using it with a fullscreen browser results in a poor user experience. For instance, the 'allow' button will appear in the far bottom-right hand corner of a user's screen when granting facebook permissions.
Comment #10
guy_schneerson CreditAttribution: guy_schneerson commentedthanks @madmatter23,
Re #5 point 4
Modify fboauth.fboauth.inc. -
I think this is a valid patch as it supports both the handling of a request with a code or a request with a token, this makes the module more versatile.
I am including your code as a patch (even if it not committed would make it easier to support this functionality when upgrading)
re #7
We use FB.getLoginStatus(function(response) to check if the user is already connected (authorized our app) and if he is get the token:
var accessToken = response.authResponse.accessToken;
and call fboauth/connect to automatically log the user in
Comment #11
grasmash CreditAttribution: grasmash commented@guy_schneerson
Thanks for rolling that patch. If quicksketch commits it, I'll add the 'popup' feature my sandbox Facebook OAuth Extras module (still very messy) so that others can more easily emulate it.
Also, thanks for addressing #7. I'll try using FB.getLoginStatus() to handle subsequent logins.
Comment #12
grasmash CreditAttribution: grasmash commentedJust gonna switch this status now that there's a patch attached.
Comment #13
ofktoubro CreditAttribution: ofktoubro commentedI just did:
Step 1, 2, 3 in #5 and applied the patch in #10
And it seems to work... Clicking the buttons results in a popup, the text is "Log in" not "Connect" and the facebook authorize button in the popup says "Log in" and not "Go to app" - GREAT! :)
Except:
I really want the "Log in" button to go away and the functionality of both "FBOauth" and "Facebook social plugins integration".
Comment #14
ofktoubro CreditAttribution: ofktoubro commentedOk, it turned out that I hadn't put the app id in the "Facebook social plugins integration" settings... And that caused the display error mentioned in #13-2.
Comment #15
relaxy CreditAttribution: relaxy commentedDoes somebody know how to make it work with Drupal 6?
Comment #16
relaxy CreditAttribution: relaxy commented=> #15
For Drupal 6 we just have to modify the JavaScript this way:
Comment #17
relaxy CreditAttribution: relaxy commented=> #7
The quick and dirty solution would probably be to disconnect the user right after login:
Comment #18
Frederic wbase CreditAttribution: Frederic wbase commented@guy_schneerson
I've tryed to apply your patch, but i get the following error:
any thoughts?
grts
Frederic
Comment #19
Frederic wbase CreditAttribution: Frederic wbase commentedOk, i 've aplyed the patch by moving it into the includes folder.
But i still get no popup :(
Comment #20
guy_schneerson CreditAttribution: guy_schneerson commentedHi Frederic
re #18 did you manage to apply the patch?
re #19 The patch doesn't change the login into a popup but facilitates it. you will need to add custom code and a Javascript to get this functionality.
If the patch in #10 is committed we will be able to create a supporting module for popup login
Comment #21
Frederic wbase CreditAttribution: Frederic wbase commentedHey Guy
Thanks for your support!
I've managed to apply the patch from #18.
Tonight i will break my head for the custom code that is needed for creating the popup, i will post my comments in this topic.
grts
frederic
Comment #22
Frederic wbase CreditAttribution: Frederic wbase commentedMhmm i've tried everything in this thread, but the button doesn't display correctly.
I've added the custom block and js via a custom module, patched the fboauth module & added the theme function in template.php of my theme
Now i get this html markup
but no image or text at all, any ideas?
Comment #23
Frederic wbase CreditAttribution: Frederic wbase commentedIn the attachment the module i've created for this with the code suplied in this thread
Comment #24
tiborg CreditAttribution: tiborg commented@Frederic wbase
how to work this module? i installed, but i don't see nothing change. How do i to enable? or i need the patch above?
thank you
Comment #25
Frederic wbase CreditAttribution: Frederic wbase commented@tiborg
The module doesn't work.
I've uploaded it to let others see it and maybe we can create a sollution together.
The module is based on the code of #5.
You will still need to apply the patch and theme adjustments in template.php
grts
frederic
Comment #26
ffasbend CreditAttribution: ffasbend commentedI wrote a custom module for Drupal 6 to enable fboauth connect in a popup window.
Comment #27
Frederic wbase CreditAttribution: Frederic wbase commentedHey ffasbend
Thanks for this great addition to this thread.
I've tried to install your module on a drupal7 site, by just changing the .info file.
The module install without errors. But when i try to login to my drupal site with the fb button it redirects to a blank page.
Any thoughts?
Comment #28
Jorrit CreditAttribution: Jorrit commentedThe posts above are about getting a proper modal dialog, but for me a browser popup was sufficient. The advantage is that it is only one line of code (apart from the function definition):
I hope it helps some people.
[edit] this is not a full fix, because the redirect_uri will be opened in the popup. Some code has to be added to that dialog in order to close the popup and refresh the opener.
Comment #29
MarcElbichon CreditAttribution: MarcElbichon commentedHere's #26 for Drupal 7.
Works for me.
Comment #30
MarcElbichon CreditAttribution: MarcElbichon commentedBased on #26 code, here's a patch for Drupal 7 which adds a setting to show facebook login page in popup.
Patch for Drupal 6 will be post soon
Comment #31
MarcElbichon CreditAttribution: MarcElbichon commentedHere's #30 for Drupal 6
Comment #32
quicksketchThanks @MarcElbichon for converting this code to a patch. Though it wasn't in the standard Git format (http://drupal.org/patch/create), I got it applied eventually after some clean up.
The code needed some serious cleanup, but the overall approach looks really solid. I'm impressed that the code weight is so small. After my cleanup, there's even less code than before. This patch does the following:
- Eliminates the need for new menu entries.
- Makes it so that popups can be used for all Facebook actions, not just the connect button.
- Cleans up formatting and matches Drupal coding standards.
However there are still a few outstanding issues that need to be addressed before this can be committed:
- Not all actions should be forced to use the popup (IMO). We should have some way of letting actions opt-out of using the popup in hook_fboauth_actions().
- I couldn't find a good/easy way to indicate that a request being handled by FBOAuth had originated in a popup. Ideally we would pass Facebook a parameter in the query string that could come back to us when we're using a popup. Then we could be sure that we can close the popup with JavaScript instead of redirecting the user via drupal_goto().
Overall the idea seems to work great. We still need a bit of extra work before this is ready to go though. This patch is for D7. We can backport once its finished.
Comment #33
quicksketchSorry still a little cruft left over.
Comment #34
quicksketchOne last thing: I also found that this popup JS doesn't center the popup properly when I'm using two monitors and the active window is on the secondary monitor. The popup instead shows up over in my first monitor, which could be disorienting for users and they may loose the popup window.
Comment #35
MarcElbichon CreditAttribution: MarcElbichon commentedHave you tried http://stackoverflow.com/questions/57652/how-do-i-get-javascript-to-open... ?
Comment #36
sandykadam CreditAttribution: sandykadam commentedPatch fboauth_popup_2.patch is working perfect. It opens a popup window dialog box, but it doesn't close automatically. Also it doesn't redirect to parent window.
Comment #37
StoraH CreditAttribution: StoraH commentedThe code in the patch #33 works great, thanks! Had problem applying it tho: fatal: corrupt patch at line 160
Created a new one with the same code that worked for me.
Comment #38
Anonymous (not verified) CreditAttribution: Anonymous commented#37 works great for me too.
It closes automatically and redirects to the parent window, works perfect.
@#34 we can improve centering on multiple displays... but I would go ahead with the patch as-is.
Comment #39
imoreno CreditAttribution: imoreno commentedHi,
#37 works great for me too, I think it can be committed.
the user experience is much better and also more familiar to the user from other facebook-login enabled sites.
very nice and needed enhancement.
Itzhak
Comment #40
sigveio CreditAttribution: sigveio commentedThe patch in #37 is not compatible with a scenario where the login form is displayed within a modal dialog, such as the ctools modal generated by the Modal forms module. It will grab the path of the modal instead of the parent window, and the user will (at least in my case) end up back at their profile page.
An e-commerce site who needs to offer login through a modal window during the checkout process, as an example, would run into issues with this. The user being sent away from the checkout page can result in lost sales.
Luckily, the solution is quite straight forward. I've created a patch based on #37, additionally adding the corrected destination handling.
It modfies fboauth_block_view() and replaces...
with
Which seems to do the trick for me. :)
Comment #41
quicksketchThanks @hoesi! And as I noted when I originally posted the patch, before this is RTBC, it would be preferable if we could selectively disable the popup option per-action.
Comment #42
MarcElbichon CreditAttribution: MarcElbichon commentedCan you provide a patch for D6 too ?
Comment #43
Pls CreditAttribution: Pls commentedNice work @hoesi! Patch from #40 works great for native popup functionality, haven't tested modal dialog. Would be happy to see this feature part of the module.
Comment #44
tomecruzz CreditAttribution: tomecruzz commentedHello I used the patch: fboauth-popup_modal_compatible-1364698-40.patch
but don't work :( dialog modal
$ patch -b -p 1 < fboauth-popup_modal_compatible-1364698-40.patch
patching file fboauth.install
patching file fboauth.module
patching file fboauth_popup.js
patching file includes/fboauth.fboauth.inc
patching file includes/fboauth.pages.inc
Comment #45
sigveio CreditAttribution: sigveio commentedThe patch works fine for me and others (I'm using it in production). You'll have to be a bit more specific tomecruzz. What doesn't work, and which modules are you using it with? There could be numerous reasons to why you are experiencing issues.
Comment #46
codewatson CreditAttribution: codewatson commented#40 seems to work for the most part for me, however I had setup a rule to redirect to a url after someone logged in, and with the popup enabled this seems to no longer get triggered?
Update:
Ok well apparently it wasn't working regardless, so I guess the rule condition for detecting if someone just logged never gets triggered when using fboauth.
Comment #47
sigveio CreditAttribution: sigveio commentedSounds like the culprit is the rule itself. You'd have to post the rule (exported) for anyone to chime in on that, though.
The point of my addition in #40 is to fix the redirection so that it respects Drupal's destination URL param. I.e. so that if the login-link contains
?destination=your/url/goes/here
- the user would end up atyour/url/goes/here
after logging in. Perhaps you can use this instead of the rule? :)Comment #48
codewatson CreditAttribution: codewatson commentedThanks for the response, as for the rule, its just the basic "User has logged in" event that comes with rules and then the "Page redirect" action. Not sure why that event wouldn't be triggered by logging in through Facebook?
Here's the export:
Regardless, I figured out that you can include the destination in the fboauth_action_display()/fboauth_action_link_properties() functions, so I got it all working how I need it to in the end (pretty much as you suggested!).
Ended up going with the fboauth_action_link_properties() function so I could customize how the link looked, and just added the fboauth-popup class to get it to open in the popup:
This all seems to be working well enough, you could probably commit the patch, and figure out the by action part later, as I imagine many people who use or would use this module would like the popup feature.
Comment #49
skchan2 CreditAttribution: skchan2 commentedThanks for this, patch #40 worked perfectly.
Would anyone be abe to point me to instructions on adding a hook into my custom module that would redirect new registers to a specific page that works with the popup?
#14 from the below thread works, but not with the popup. it just redirects in the popup window
https://drupal.org/node/1761954
Comment #50
codewatson CreditAttribution: codewatson commented@skchan2
Try this, just replace 'http://www.google.com' with wherever you want to send someone:
Comment #51
skchan2 CreditAttribution: skchan2 commented@dwatson
just tried that, it loaded the page in the main window, but didn't log the user in...something seems to be missing, also how would i use a custom image for the button?
thanks for your help.
Comment #52
codewatson CreditAttribution: codewatson commentedHmm strange, works for me. Maybe double check the patch was applied correctly?
Also, try it without the popup, see if that is working correctly, might tell is if it is just the popup or something else is wrong.
As for an image button, take a look at the l() function in the drupal api, the $options parameter (the third one) you can set html to true, so that drupal treats the first parameter $text as html instead of plain text. You can then set $text to html for an image.
ex:
Comment #53
skchan2 CreditAttribution: skchan2 commentedThanks for the image tip.
hmm...weird doesn't create the profile with or without the popup...am i missing something, another patch maybe?
I only apply the #40 patch using netbeans.
Thanks,
Comment #54
codewatson CreditAttribution: codewatson commentedOK did some experiments. Question one, which version did you apply the patch to? I found that if I applied the patch to 7.x-1.6, everything works just fine. If I apply the patch to 7.x-1.x-dev, the popup does not work correctly.
Comment #55
skchan2 CreditAttribution: skchan2 commentedi think i found the issue, i had old code from testing out other methods...cleaned it out and now its all good.
Thanks for your help.
Comment #56
codewatson CreditAttribution: codewatson commentedGlad to help.
Unfortunately, as I discovered, this patch does not work correctly with the latest development snapshot, haven't had time to look into why.
Comment #57
sigveio CreditAttribution: sigveio commented@dwatson: Care to elaborate on "this patch does not work correctly" please?
What's supposedly broken/not working? And what makes you believe it's an issue with the patch itself?
It seems to apply cleanly (to latest dev);
$ patch -p1 < fboauth-popup_modal_compatible-1364698-40.patch
patching file fboauth.install
patching file fboauth.module
patching file fboauth_popup.js
patching file includes/fboauth.fboauth.inc
patching file includes/fboauth.pages.inc
Which makes me suspect there might be something else that's broken in your case. E.g. conflicting modules/code, or something.
I'll see about setting up a new/clean test environment a bit later and verify whether things are working, as I've got the original environment for #40 at work. Any information you can provide in the meantime would be helpful. I don't have a lot of time to spend on it either.
Comment #58
codewatson CreditAttribution: codewatson commentedI setup a clean environment and tested the patch on both the 7.x-1.6 and 7.x-1.x-dev. The patch applied cleanly to both. However, the popup would not work on the dev version for some reason, not sure why, and haven't had a chance to investigate further.
Comment #59
codewatson CreditAttribution: codewatson commentedWell just tried it again on a fresh install with the dev version and this time it worked, maybe it was a caching issue in-between versions or something, as i made sure i cleared it between installing the 1.6 and dev.
Comment #60
sigveio CreditAttribution: sigveio commentedGreat to hear - thanks for double checking it. :)
Comment #61
mike.davis CreditAttribution: mike.davis commentedHere is an updated patch based upon #40 with various enhancements and bug fixes for the following:
Comment #62
mike.davis CreditAttribution: mike.davis commentedSorry I missed the additional js file for the popup window in the previous patch, so here is an updated patch.
Comment #63
mike.davis CreditAttribution: mike.davis commentedI have updated this to redirect the user to their edit page (if the password is blank) on connecting to Facebook to show the warning message about their account not having a password.
This helps to highlight to the user that their account has been created but doesn't have a password against it.
Comment #64
joco_sp CreditAttribution: joco_sp commented#63 worked for me on version 7.x-1.6
Comment #65
asak CreditAttribution: asak commented#63 worked fine for me.
only thing i found - the add .js file is being added in the code of the block, but when using code to directly place a connect button not using the block it is not added, so i had to add it manually. I think optimally a checkbox can be provided to let the admin chose if they want to include the JS in every page or not and then add it in hook_init() or the like.
Other then that - works like a charm.
Comment #66
mike.davis CreditAttribution: mike.davis commentedHi asak, thanks for reviewing the patch & your suggestion. I have updated the patch, as suggested, with an additional checkbox which will load the js file on every page load rather than just when the block is loaded.
Let me know how you get on with this.
Comment #67
asak CreditAttribution: asak commentedYea that's better - however, one more issue i noticed regarding this -
The JS should actually not be loaded on the "deauthorize" page, since it's not needed there and opens an empty popup ;)
So i guess that even when the variable is set to TRUE, it should still not load on the /fboauth/ path ...
I suppose the correct thing to do is to make the JS not trigger for the de-auth button,
but since a user should never have both the de-auth button AND the connect button showing on the same page - this isn't necessary...
Comment #68
altamar17 CreditAttribution: altamar17 commentedHere's #26 for Drupal 7.
Works for me. Good lucky.
Comment #69
krystlc CreditAttribution: krystlc commented#68 works great except the button doesn't appear on my registration form (the code says it will appear there).
other than that, it's perfect!
Comment #70
dunklea CreditAttribution: dunklea commentedFrom this snippet in patch in #66 it looks like the user will be redirected to their user/edit page (or $destination if their password is somehow empty). I'm looking for a solution to keep the user on the same page, with query strings intact. Any advice?
Thanks,
Andrew
Comment #71
sigveio CreditAttribution: sigveio commented@dunklea: The snippet you are referring to looks to be for a particular error case. This part, from my #40 (also included in #66), makes sure to keep the user on the same page providing the appropriate destination is set:
Comment #72
mike.davis CreditAttribution: mike.davis commentedGood point @asak, typically the one bit I forgot to test :). I'll have a look at this and repost a patch to handle this as well.
Comment #73
mike.davis CreditAttribution: mike.davis commentedHi @asak, here is an updated patch with a fix for the deauthorise page.
Comment #74
ggarry CreditAttribution: ggarry commented#69 did you figure out how to add it to registration page? It isn't showing for me either.
Comment #75
jomarocas CreditAttribution: jomarocas commentedsomething have a patch with login with ajax, without reload the page
Comment #76
v8powerage CreditAttribution: v8powerage commentedMy redneck solution: In function
theme_fboauth_action__connect
put this:It will stay in same window and reload it, instead of opening another one, git r done!
Comment #77
vlad.k CreditAttribution: vlad.k commentedI couldn't apply the patch in #73 against the newest dev version, because it is already one year old and the module code has changed over time. Also the newly added js file was missing in #73. It took some time to figure things out and create a new patch. But the good news is that it works like a charm!
Please commit this!
I didn't do any functional changes, just integrated the changes manually in the current dev version of the code. The popup is great functionality, it works and all the good work already put into this issue gets lost for the community if it is not commited soon and the patch file stops working again.
Attached you find a version of the patch in #73 against the newest development version (from yesterday April 1st, and no this is no April prank...).
Please review and commit. It was really a pain to work things out manually, but now it is not much code and it works. It shouldn't be to much effort to review and commit. Please.
Comment #78
DarrellDuane CreditAttribution: DarrellDuane commentedI tested this and its not working for me. When I click on the button it opens a new window. I've cleared my caches and run update.php. Anything else I can do to debug it? I do agree we need to get this in ASAP.
Comment #79
DarrellDuane CreditAttribution: DarrellDuane commentedok, I see the problem, I didn't turn it on. I'd like to have this feature turned on by default. I will set it up to be that way.
Comment #81
DarrellDuane CreditAttribution: DarrellDuane commentedOK, this functionality has been comitted to the 7.x-2.x-dev branch.
Comment #82
DarrellDuane CreditAttribution: DarrellDuane commentedComment #84
DarrellDuane CreditAttribution: DarrellDuane commentedOk, this didn't make it into 7.x-2.x-dev yet, putting it in now. Done.