how to integrate facebook login with your website?

Question

I made some research and i can't seem to completely understand how to integrate Facebook login with your website.

I'm trying to do this for an old fashioned PHP shop that, up till now, doesn't use any type of login, but only a session that allows users to browse across pages and add items to cart.

I read here, on Stack Overflow, that you need a table in your database to keep the user's email address and facebook_id. So after that I can hook up with other tables in my database in order to provide info and much more to each user?

Are there other ways to easily integrate your website with Facebook and Google accounts? I read something about OpenID, but didn't really understand what's its use :)

So that's why I'm asking you to put me on track :). I'm really new with this and any advice, best practices etc. will be greatly appreciated!

Answer 1

The idea behind Facebook login is simple: The user goes to the Facebook page, logs in there, Facebook worries about the details and eventually just gives you (your server) a thumbs up and an id, meaning "we have positively confirmed the identity of this user, it's user 174264384". Your server is then free to do whatever it likes with this information. If you want to track a user across several visits then yes, you'll probably want to store that number in a database together with any additional information. The next time Facebook tells you user 174264384 has logged in, you can get any associated information back out of your database.

Hope that helps as a 30,000 feet overview. The details of how Facebook can securely authenticate a user and hand this information back to your server are best handled by the PHP SDK. Read the documentation if you want to explore the details.

OpenID basically does the same thing, only the technical details differ and it's not specific to Facebook. Oauth is another very similar technology.