Tank Auth with Twitter authentication & Facebook

[eluser]Noobigniter[/eluser]
Ok, small problem for me :/
Thank you.

[eluser]Devon Lambert[/eluser]
DISREGARD, Figured it out by mixing your auth library with Elliot Haughin's.
------------------------------------

Not sure if you’ve run into this, but with both your library, and Elliot Haughins Facebook Connect library I am experience redirect issues in Chrome whenever I authenticate using an FB:login-button. Checking around the console I discovered that it was screaming at me because of an unsafe Javascript attempt to connect to one secure url from my site’s non - secure url.

This seems like it would be a common scenario that many developers would run into, since you are not usually coming from a secure url until you’ve logged into a secure area of a site?

However, you never mention this in your tests. Basically this stops the authentication from occurring until I manually close the FB iframe and reload the page?

Any ideas?

[eluser]andychurchill[/eluser]
I'm liking this a lot The only thing missing now is the ability to register via one method and then link other auth methods to your account at a later date, but I guess that's something I need to add myself as I can't always expect to get a free lunch.

[eluser]andychurchill[/eluser]
and if I've understood Tank Auth correctly, it looks like you can disable username registration and work solely with email addresses in Tank Auth, but it looks like the "auth_other" extra info view included in this doesn't handle that conditionally, so requires hacking to make it work if you don't require usernames?

I definitely need to think about this a bit more before I start making the necessary changes.

[eluser]Dacus[/eluser]
Just found a critical error in models/user_model.php file, see function get_user_by_email(). I will try to explain it in my poor English.

There it is used a SQL query with so called theta-join on two tables, users and user_profiles, which have both the id field:

Code:

SELECT * FROM users u, user_profiles up

Value from the id field from second table overrides the value from the same field from the first table, therefore the following code from controllers/auth_other.php (function fill_user_info()) is wrong:

Code:

$new_user = $this->user_model->get_user_by_email($email);
$user_id = $new_user[0]->id;

Instead of user ID the $user_id variable will contain user profile ID!
If by some reason both IDs, for user and for his profile, are not the same (sooner or later they will not be) than the Facebook/Twitter/GFC IDs for all new users will be assigned to wrong users! What will happen next I think everyone understands (users logging in to wrong accounts and huge problems for administrators).

Proposed solution 1
In controllers/auth_other.php, function fill_user_info(), replace

Code:

$user_id = $new_user[0]->id;

with

Code:

$user_id = $new_user[0]->user_id;

Proposed solution 2
In models/user_model.php, function get_user_by_email(), replace

Code:

SELECT * FROM users u, user_profiles up

with

Code:

SELECT u.*, up.country, up.website, up.facebook_id, up.twitter_id, up.gfc_id FROM users u, user_profiles up

Any other proposals?