Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I combine multiple signup options facebook twitter openid

I want to build a login system with javascript and PHP, that will let users use existing accounts to login to my site.

They should be able to use at least these accounts...

  • Facebook
  • Twitter
  • Google
  • Yahoo
  • OpenID

plus option to create an account on my site if they don't have a login above.

I have seen all these services below which offer what I am wanting to do,

  • http://www.janrain.com/products/engage
  • http://www.gigya.com/social-login/
  • http://www.loginradius.com/loginradius/demo.aspx
  • http://www.lanoba.com/

I would like to build this myself or use some open source project. In other words, I do not want a 3rd party to handle this like the sites above.

So does anyone know if an open source project exists that can handle this, or point me in the direction on how I should create this? (I can do PHP and javascript, so asking more about the design theory/project flow, more than how to code it)

I am aware that there might be similar questions, but I have not found what I am looking for.

like image 619
JasonDavis Avatar asked Sep 20 '11 04:09

JasonDavis


1 Answers

It's not so simple, unfortunately. I don't know any existing library, so here are some thoughts about what would need to be done. I'm going to assume that you want to create an open source project -- if that's wrong, ignore the parts concerning other possible users of your project.

Protocols

Both Google and Yahoo are OpenID providers, so you easily have three points off your list. I recommend LightOpenID for that. (disclamer: I wrote LightOpenID)

Twitter and Facebook use OAuth, so you need to find a suitable library that supports it.

Interface

You probably want to have a unified login interface for all the methods. For that, extending OpenID Selector might be a good idea.

Database storage

That's the hardest part. You'll have to store the authentication data in some sort of database. Many people will want to use mysql, some postgresql, and some may even want to store them in text files. Even if you decide to use only MySQL, there are a lot of adapters in php, and they aren't interchangeable. Of course, you could require a library to do that, like Doctrine, but it will be probably orders of magnitude bigger than your project. And it won't integrate well with frameworks.

Depending on your needs, the best solution may be to require the user to implement functions like addAccount($type, $login, $password), userAuthenticated($login), checkPassword($login, $password), etc.. It certainly gives the most flexibility to the user, but requires effort to start using it.

I'm not saying, of course, that this solution is perfect, or even good for your case -- it's the best I can think of now.

Integration

In order to use an authentication mechanism, it needs to be integrated into the application. So you can't force any particular interface, but you should give a good default. You can't force a database choice, but you should make it easy to implement and give good, ready to use examples for some common cases. So I'd recommend separating the protocol support from interface and storage parts.

That's about it. I can't think of anything else right now.

like image 116
Mewp Avatar answered Nov 03 '22 23:11

Mewp