I'd like to allow my users to log in to my website using my login system, or FB Connect or Google Login. I wouldn't want to use big libraries (like dotnetOpenAuth) for only those 2 options - so how should I accomplish this?
Additional question - how should I bind the FB/Google user to my inner user system? I'd like to allow logging in using both of them (I could for example log in using FB and then log in with Google, and still be bound to the same user).
I'm using ASP.NET MVC 2
Thanks!
The service checks to see who you are on Facebook and creates a new account for you. When you sign into that service in the future, it sees that you're signed in with the same Facebook account and gives you access to your account. You don't need to set up a new account or anything—Facebook authenticates you instead.
Many websites use OAuth to allow users to sign into their applications and other people's applications. ASP.NET Core comes with OAuth authentication middleware that makes it easy to use a third-party OAuth 2.0 server for login.
If you don't like to use big libraries like DotnetOpenAuth you will have to manually implement the OpenID protocol. Here are the specifications you will need to conform to.
This being said, I would recommend using an existing library. DotnetOpenAuth is the reference library for .NET.
Also a small remark: OpenId and OAuth are different standards and are designed to achieve different things: OpenId is for authentication while OAuth is for authorization.
As far as identifying the same user who could log in from different OpenID providers is concerned, you will need something to identify them. For example, with DotnetOpenAuth, when creating an authentication request to the OpenID provider you could require the FullName and the Email:
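
    // DotNetOpenAuth namespaces used by the snippet
    using DotNetOpenAuth.OpenId;
    using DotNetOpenAuth.OpenId.Extensions.SimpleRegistration;
    using DotNetOpenAuth.OpenId.RelyingParty;

    // openid_identifier: the OpenID identifier submitted by the user (assumed to be in scope)
    using (var openid = new OpenIdRelyingParty())
    {
        var request = openid.CreateRequest(Identifier.Parse(openid_identifier));
        // Ask the provider for the email and full name via the Simple Registration extension
        request.AddExtension(new ClaimsRequest
        {
            BirthDate = DemandLevel.NoRequest,
            Email = DemandLevel.Require,
            FullName = DemandLevel.Require
        });
    }
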
and use this information to identify the user within your internal database.
So here's the idea:
FormsAuthentication.GetAuthCookie and passing the claimed identity. If the claimed identity doesn't exist in your internal users table you need to add it. If the user is already authenticated to your site it means that he is adding an alternative OpenId provider to his profile, so you would update your users table and add the new provider to it.
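
The lookup-or-link step described in the answer above, as an added example that is not part of the original answer or of DotNetOpenAuth. It keys each login on the provider plus the claimed identifier, not on the email, because an email returned through the claims request is only as trustworthy as the provider that asserted it. `ExternalLoginStore`, `ResolveUser` and all identifier values are hypothetical, the dictionary stands in for a logins table, and `Tuple` assumes .NET 4.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical in-memory stand-in for a table of (provider, claimed id) -> internal user id.
public sealed class ExternalLoginStore
{
    // Tuple gives structural, ordinal equality on both strings (requires .NET 4).
    private readonly Dictionary<Tuple<string, string>, int> _logins =
        new Dictionary<Tuple<string, string>, int>();
    private int _nextUserId = 1;

    // Call only after the provider's response has been validated.
    // currentUserId is the locally signed-in user, or null for an anonymous visitor.
    public int ResolveUser(string provider, string claimedId, int? currentUserId)
    {
        if (string.IsNullOrEmpty(provider) || string.IsNullOrEmpty(claimedId))
            throw new ArgumentException("provider and claimed identifier are required");
        var key = Tuple.Create(provider, claimedId);
        int owner;
        bool known = _logins.TryGetValue(key, out owner);

        if (currentUserId.HasValue)
        {
            // A signed-in user is adding another provider to their profile.
            if (known && owner != currentUserId.Value)
                throw new InvalidOperationException("Identity is already linked to another account.");
            _logins[key] = currentUserId.Value;
            return currentUserId.Value;
        }
        if (known) return owner;        // returning user: same internal account
        int created = _nextUserId++;    // first visit: create the internal user
        _logins[key] = created;
        return created;
    }
}

public static class Demo
{
    public static void Main()
    {
        var store = new ExternalLoginStore();   // all identifiers below are constructed samples
        int a = store.ResolveUser("google", "https://example.test/id/alice", null);
        int b = store.ResolveUser("facebook", "fb-constructed-123", a);   // linked while signed in
        int c = store.ResolveUser("facebook", "fb-constructed-123", null);
        Console.WriteLine("same user: {0}", a == b && b == c);
        int other = store.ResolveUser("google", "https://example.test/id/bob", null);
        try { store.ResolveUser("facebook", "fb-constructed-123", other); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```

The value returned by `ResolveUser` is what the forms authentication cookie would be issued for; in a real schema, a unique constraint on the (provider, claimed identifier) pair enforces the same rule at the database level.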