Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Best Practice Login With Facebook, Twitter, Google or register

Tags:

php

oauth-2.0

facebook-login

twitter-oauth

facebook-oauth

I've managed to program a login with Facebook system in my PHP webapplication. But now I'm a bit stuck in best practices.

Do I have to save the user's userID to my Database, the user's e-mail-address and/or name and surname? I'm asking this because I'm thinking about users changing their e-mailaddress, who aren't being able to login the next time if so.

And how can I know that when a user logs in with Facebook, and the next time with Twitter for example, that it's the same user? Probably based on he's e-mail address? But I think if you haven't changed it your standard Facebook e-mail is [email protected], right?

I'm not asking for code here, please provide me some experiences or best practices.

like image 981
Stijn Hoste Avatar asked Apr 25 '14 21:04

Stijn Hoste

People also ask

Is signing in with Google account safe?

Sign in with Google authenticates you uniquely for each service. So, even if there is a data breach on any of the sites or services you use, your personal information on all other accounts stays safe from hackers.

Is signing in with Facebook safe?

It's generally best to avoid using Facebook or Google to sign into other sites if you want to protect your privacy and sidestep unnecessary security risks. Social sign-in requires you to share data and could make your accounts more vulnerable to hackers.

Can I join Facebook through Google?

Select “Google” from the pull down menu and you'll be asked to allow Facebook and Google to interact. Once you've authorized the connection your two accounts are linked! Now sign out of Facebook (but stay logged in to your Google account) and then go to the Facebook homepage.

1 Answers

As for me, the best practice is use oauth2 library (all socials are supported it) and use database with two tables: users and users_socials.

When the users are trying to login via social, your script will create records on tables and connect this tables via "one to many" relation. All socials return unique identifier for auth user and your script can insert it onto storage for use in further.

Table scructure and test data

Table user

user_id   | email
________________
1         | [email protected]
2         | [email protected] - if the social cannot return an email address

Table user_socials

social_id | user_id | social
____________________________
123213213 | 1       | facebook
332123213 | 1       | twitter
323232321 | 2       | vk

This pattern is good, because one user can connect many socials with his account

P.s. Facebook, Twitter, Google+ - return the user email

like image 192
Dmitriy.Net Avatar answered Sep 17 '22 20:09

Dmitriy.Net
Sign in to Comment

Related questions

How to add owl carousel to front page
Sessions not working in localhost but work in live server (Codeigniter)
OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
How to set up your own PEAR Channel?
Alternatives to apache_get_modules() to get list of loaded apache modules
PHP iDisk\Webdav Client
Preventing duplicate form submissions
Is it possible to dynamically register bundles in Symfony2?
Create a Picasa album and upload images to it with PHP and cURL
CSRF tokens - how to implement properly?
Disadvantages of using NodeJS instead of PHP
Execute a colorized command from a php script
Delete Image Files From Server
MYSQL wrong results output
Codeigniter form submit with file upload
Why is "hash('md5', 'string')" faster than "md5('string')"? [closed]
Why does PHP strlen() return negative length?
PHP-CLI not found
Executing AWS CLI command from php results in Unable to locate credentials
How do i ping the MySQL db and reconnect using PDO

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!