search

tinderjs / tinder-desktop

Use Tinder from your desktop, for Mac OS X, Microsoft Windows and Linux
https://tinderjsblog.herokuapp.com/
97 stars 25 forks source link

Use tinderauth #98

Closed run1t closed 8 years ago

run1t commented 8 years ago

It could be a good improvement to use the tinderauth repo to get the tokens, as is we don't have to login every times and can integrate the login form directly in the main window.

mayeaux commented 8 years ago

Yeah, we could store the username and password as well. One thing to note is that tinderauth takes a while to run because ZombieJS is so slow, and it isn't super tested either, I'm not sure it's super robust

stuwil commented 8 years ago

Hey guys,

I'd strongly urge against doing this. We should let Facebook handle user credentials... a few reasons:

  1. In general, asking users for credentials to another application is super sketch, which is one of the reasons everyone uses OAuth.
  2. We have nowhere we can safely store the password, and the burden/liability of managing passwords for another app isn't something we should be dealing with.
  3. 2FA enabled on a Facebook account means the user would have to enter their token in the window anyways. This isn't just a technical problem, as anyone who has 2FA enabled probably wouldn't put their FB credentials directly into our app anyways - see point 1.

Check out #91, which fixes some issues, including constantly getting prompted for your password from Facebook. We can take advantage of the existing Facebook session (if the user opted to remember the computer) to generate Tinder tokens as needed.

mayeaux commented 8 years ago

Yeah agreed, let's not even open that can of worms, if we fix the issue where we're logged out all the time we should be absolutely fine, those xAuthTokens that Tinder gives back are pretty hardy and can be used for quite a while.