-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Facebook and Google login #47
Comments
Generally speaking, these two are just OAuth 2.0 protocol implementations by Google and Facebook respectively. I expect, that workflow of sign up and login will be simple enough.
|
I successfully integrated Facebook SDK. No I need to implement login low according to my plan, but I also need to synchronize it with Facebook developers documentation.
|
I need to decode signed request data to obtain the code from it. Then I should obtain long lived access token and verify user email using that token, but not the token which I received from client application. |
After long investigation I found that this is not the way it should work in case of web app.
Then I will get email,first_name, last_name using API. This data grants an ability to create new or login into existing account. |
I think I should explore the possibility of standard static site authorization API, because it allows obtaining of the special code which grants the permission to get access token at server side. |
Facebook login seems to be working well, also I managed to get long lived access token which allows us to operate from server side during 2 months. I checked integrity verification method, it's HMAC, so everything looks very secure, but despite of this I decided to double check long lived access token via token debug functionality which verifies token origin. I started to work with Google Identity and I need to implement almost same functionality but using google services. So. My next steps are:
|
We need to start researching how to implement Facebook and Google login, because these two are most popular in the web. It's very important to have such functionality because we can use it as good selling point because Facebook and Google login allow easy user conversion which is very improtant for clients who want to develop popular service.
The text was updated successfully, but these errors were encountered: