This project has moved and is read-only. For the latest updates, please go here.

Authenticating a given user

Topics: Developer Forum
Apr 26, 2009 at 5:58 AM
Edited Apr 26, 2009 at 10:13 AM
I've been playing with this code:

            Flickr flickr = new Flickr(ApiKey, SharedSecret);
            _tempFrob = flickr.AuthGetFrob();
            string flickrUrl = flickr.AuthCalcUrl(_tempFrob, AuthLevel.Read);

                Flickr flickr = new Flickr(ApiKey, SharedSecret);
                Auth auth = flickr.AuthGetToken(_tempFrob);
                UserFrob = txtFrob.Text = auth.Token;
                flickr.AuthToken = auth.Token;

The URL that opens requests that I log into my own Flickr account, then it tells me that I am requesting authentication for my app.  I assume it wants to log onto my account because the ApiKey/SharedSecret pair are registered to my account -- I don't see how or why else it would connect my Flickr account with the authentication request; I am not otherwise associating the request with my userID, etc.  Now, if some other user runs my app, and it still uses my ApiKey/SharedSecret, the same thing should happen, which would be essentially pointless.

How do I authenticate a user given their userID, so that it is that user being asked to log in, etc.?  I assume that if I can do this, then the Flickr object would have more access to that user's account, of course.  Or more importantly that a user of my app can get additional access to their own Flickr account.


OK, looks like it will authenticate whichever Yahoo/Flickr account is currently logged in in the default web browser (I am am logged in as two separate Yahoo/Flickr in two separate web browsers).  I guess it makes sense to work this way.  If my app is designed to access my two accounts in turn, I can store the tokens for each and use them as needed.
Apr 27, 2009 at 9:45 AM
Correct, if you log out of Flickr (and Yahoo) and then run it again it would prompt you to log in as any user you wanted to (note, boxes may default to your username/password due to browser caching).