im trying to implement a login with facebook/twitter functionality in my app, i read some guides on oAuth, and i think i understood some of the basic concept, and here is what i understood (please correct me if i'm wrong):
and here is what i can't get around my head, which one of these that i should use/store to identify the user? i thought about the possibility of using each one of those, but im always stuck on how to check if the user has signed in before...
If all you need is just authentication, then storing only user_id
is enough.
So create another table like:
id | service_name | user_id | my_user_id
where service_name
is either twitter
or facebook
, user_id
- is user's id from twitter/facebook and my_user_id
is a user_id
in your authentication system.
So:
SELECT my_user_id FROM oauths WHERE service_name = 'twitter' AND user_id = 42
would return you your system user_id or nothing
PS: service_name
could (and should) be normalized, I kept it as a string just to simplify an example
PPS: as you said in comments you probably would want "posting/tweeting".
In that case you need to store user's access token for twitter, and store nothing additional for facebook, but request for publish_stream
permission when authenticate user.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With