All geek questions in one place

When using Omniauth to register with Facebook, why is sometimes a user email address not included in the authentication hash code?

I use Rails 3 + Devise 1.5 + OmniAuth through the omniauth-facebook gem so that users can register for my application via Facebook.

I have everything that runs smoothly, except from time to time I have someone who signs up for my application using Facebook, and the authentication hash code does not contain the users email address (although it includes myself a lot of other attributes.) Again, most when I receive an email, but why is it not included for a while? Is there a way to set Facebook’s user privacy settings so that my application can receive all kinds of data, such as name, gender and time zone, but not an email address? I tried to make my own email address on my Facebook profile private, but I could still log in to my application with Facebook.

Here is an example of a hash that I got about omitting an email address (actual information with censorship):

"name" => "XXXX XXXXXX", "first_name" => "XXX", "last_name" => "XXXXXX", "image" => "http://graph.facebook.com/XXXXXXXXXX/picture? Type = square "" URL "=> {" => "http://www.facebook.com/XXXXXXXX Facebook"}}, "powers" => { "marker" => "", "expires_at XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" => 1329364800, "expires" => true}, "extra" => {"raw_info" => {"id" => "XXXXXXXX", "name" => "XXXX XXXXXX", "first_name" => "XXXX", "last_name "=>" XXXXXX "," link "=>" http://www.facebook.com/XXXXXXXXX "," username "=>" XXXXXXXXX "," gender "=>" female "," timezone "=> - 5, "locale" => "en_US", "verified" => true, "updated_time" => "2012-02-15T00: 01: 23 + 0000"}}}

Thank you very much in advance!

+4
source share
2 answers

When a user is presented with a Facebook authentication dialog, they have the option to prevent the sharing of their email address before authenticating. Perhaps this makes it now display in the auth hash.

Try canceling your test account, and then repeat authorization through your application. In the Facebook dialog box, he should specify all the permissions that you request, including email. In the far right - gray "X", which will prohibit a specific permission. Try disabling email and see if it reproduces what you are experiencing.

I believe this is a separate privacy control from the email privacy settings.

0
source

There are at least a few reasons why this could happen:

  • A person registered using a mobile phone number instead of an email address, so they do not have an email address registered with Facebook. (see the Facebook Login Basics man page, which confirms that you can do this: https://www.facebook.com/help/418876994823287 )
  • They have an email address registered with Facebook, but it is not verified. According to this question: Is it possible to check if the email is verified on Facebook? Facebook will not return an unverified email address (although they had to provide a phone number to verify the account before logging in). However, I did not confirm this behavior.
0
source

Source: https://habr.com/ru/post/1396763/

More articles:


All Articles