
Logic Behind Social Login

I have created a nice little login script for my website that lets users log in with Facebook or Google at the moment.

What I am trying to do is set some checks to make sure that duplicates do not appear in the database.

Here are some scenarios I have covered:

  • Login with Google/Facebook account and I have already registered this account. This will log the user straight in as they have already linked this account.
  • User has already registered with Google account, yet clicks Facebook because they cannot remember which account they used. This will alert the user that the email address returned from Facebook has already been registered with a Google account. This will enable them to click on Facebook to log in ??? NOT SURE ON THIS LOGIC AT THE MOMENT ???
  • User clicks on Google/Facebook to log in, yet the email address returned is a user that went through the manual registration. This will alert the user that the social account they are trying to log in with will require a password.

What I am thinking of doing is allowing users to LINK ACCOUNT so that the alerting process does not happen, because I can link my Facebook account to my Google account through my website, and vice versa, etc.

What I am asking:

Are there any other checks I may be missing? Is this logic sound? Is there anything I am doing which makes you question the login process?

Basically asking logic advice on this one.

JustSteveKing asked Nov 20 '14 10:11



1 Answer

Well, congratulations! You're almost on the right track. Let's break down your situation here.

Ideal Situation

1. Registered on your site
2. Log in with Google
3. Log in with Facebook

Now, let's take the common denominator here, I mean the primary key. I am guessing in your case it should be the email address.

Actual Process Flow

1. User registers. You save the email address

Or,

2. User registers with Google/Facebook and you save the email address.

Login Procedure

1. You receive the email address either from direct login/Facebook/Google.
2. You match it against your table
3. On positive match, you link this social login to an existing account

If,

4. It is not a positive match then you accept whatever data you receive and then forward and then pass on to the registration page.

Hope this helps! Let me know if you want to know anything else.

Cheers!

Chris Roy answered Oct 19 '22 15:10
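The three scenarios from the question and the login procedure from the answer, as an added example that is not code from either poster. It assumes a `users`/`identities` schema, the outcome names, and a provider-supplied `email_verified` flag (all hypothetical), keys each social account on the provider's own user ID so duplicates are rejected by the database, creates the account directly where the answer forwards to a registration page, and asks the user to sign in by an existing method before linking rather than linking on a matching email alone.

```python
import sqlite3

# Hypothetical schema: one users row per person, one identities row per social account.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL UNIQUE,
                    password_hash TEXT);             -- NULL for social-only accounts
CREATE TABLE identities (user_id INTEGER NOT NULL REFERENCES users(id),
                         provider TEXT NOT NULL, subject TEXT NOT NULL,
                         UNIQUE (provider, subject)); -- blocks duplicate links
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def link_identity(db, user_id, provider, subject):
    """Call only after the user has signed in to user_id by an existing method."""
    db.execute("INSERT INTO identities VALUES (?, ?, ?)", (user_id, provider, subject))

def resolve_login(db, provider, subject, email, email_verified):
    """Return (outcome, detail) for a profile returned by a social provider."""
    email = email.strip().lower()
    row = db.execute("SELECT user_id FROM identities WHERE provider=? AND subject=?",
                     (provider, subject)).fetchone()
    if row:                                    # scenario 1: account already linked
        return ("logged_in", row[0])
    user = db.execute("SELECT id, password_hash FROM users WHERE email=?",
                      (email,)).fetchone()
    if user is None:                           # no match: new registration
        if not email_verified:                 # unverified address: confirm it first
            return ("confirm_email", email)
        uid = db.execute("INSERT INTO users (email) VALUES (?)", (email,)).lastrowid
        link_identity(db, uid, provider, subject)
        return ("registered", uid)
    # The email belongs to an existing account: do not link on the email alone.
    linked = [p for (p,) in db.execute(
        "SELECT provider FROM identities WHERE user_id=? ORDER BY provider", (user[0],))]
    if linked:                                 # scenario 2: used another provider
        return ("sign_in_with", linked)
    return ("needs_password", user[0])         # scenario 3: manual registration
```

After a `sign_in_with` or `needs_password` outcome, the application calls `link_identity` once the user has authenticated the existing way, which is the LINK ACCOUNT step from the question.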