Im just diving into the logic behind social login.
So far I geted the idea of creating a user authentification using the Facebook API.
The point which confusing me is the logical architecture of an web-app/-portal which uses social login for the user registration. When facebook returns to the site "logged into facebook" what should this website do now? Creating a new user entry in its own user database or something? And when the user is comming back and login in with FB again, should the website get the user-name and email from the facebook response and should compare the local user-database with some entries (before requesting the database for entry-data just based on the plaintext-user-name from FB)?
You see, Ive got no idea about the common architecture of such a login-solution. I dont even know the basic mechanisms of reading and storing users in a database in a proper way (getting user-informations just by a plain-text username or email as the key sounds very unsafe for me).
I know its a very abstract question.
Aucun commentaire:
Enregistrer un commentaire