ajax angular ionic-framework facebook-login

Prevent Hacking Via Facebook Login API

I'm developing an app with Ionic 3 and Angular 4, and also implementing Login With Facebook button (and logic). I don't understand how to secure this process. The API returns the user's email + id and then I need to send them to my server to register / log in the user. But how can I be sure that nobody "fake" the ajax call with those user email & id? And skip the whole Facebook Button process? I don't get it at all - no matter what the API returns - I need to send it to the server via AJAX, and anyone can fake this process and send specific parameters with AJAX.

Solution

A good way is to send the Access Token to the server and make the API call to the Facebook API there. You can/should activate "Require App Secret" in the App settings:

Only allow calls from a server and require app secret or app secret proof for all API calls.

Using addEventListener and getElementsByClassName to pass an element id
jQuery how to fix Cannot set property '_DT_CellIndex' of undefined?
How do I use jQuery promises to chain one ajax call, then a loop of ajax calls, then make use of an accumulated result?
How do I resolve a CORS issue in an Ajax POST to ASP.NET Core 6.0 Web API?
How can I reinitialize Slick carousel after appending new content via AJAX
Paging Through Records Using jQuery
XHR Upload Progress is 100% from the start
Will frequent polling overload the server? If so, what's the best way of implementing live updates?
PHP image upload issue. Uploads images that are web optimised but not the original image
Fancybox 3 ajax load image gallery
Why do people put code like "throw 1; <dont be evil>" and "for(;;);" in front of json responses?
How to get file name from content-disposition
How can I send data from form vue 3 to server laravel
Simple wordpress ajax query is not working
How to pass along CSRF token in an AJAX post request for a form?
Add a message when adding Wordpress Category
How can I convert a JSON object to a custom C# object?
What is the 302 error code that jQuery AJAX is throwing?
What is different in my Ajax vs XMLHttpRequest Call that lets my Server understand Ajax but not XMLHttpRequest?
Unexpected results when using .net ajax & paging in sharepoint web part with c#
Add onclick event to SVG element
Cannot reinitialise DataTable - dynamic data for datatable
Laravel javascript variable get in blade file
how to load partial view in ajax in asp.net core
pass custom class with IFormFIle and List<object> via Ajax to .NET Core 8
Debug a single PHP file with $_GET parameters in NetBeans/Eclipse/PHPstorm (AJAX API)
Server side paging with ajax & jQuery
Implementing Paging functionality on a Ajax search based Webcontrol
Origin <origin> is not allowed by Access-Control-Allow-Origin
Are there any good examples of ajax paging?