开发者

Need to pseudo code to help me understand oauth

开发者 https://www.devze.com 2023-03-04 08:56 出处:网络
Can someone please help me understand how to use oauth authentication to allow users access to secure sections of my website?

Can someone please help me understand how to use oauth authentication to allow users access to secure sections of my website?

I am just looking for some psudo code.

For example, when someone gets authenticated by using their facebook id,

do I need to store the fact they have been authenticated, then use the session id created by facebook in the future and compare it with the session id's stored in my database?

If yes, what 开发者_如何学JAVAhappens if the facebook user removes my application from their facebook account, then latest decide to use the same id again to login to my website again? Will their session id still match the one stored in my database?

if no, do I not store anything in my database?


When the interaction between your user and facebook is finished, you'll be given a token which you should associate with your user and persist in database. You'll be able to use it for some time (configured by facebook) and should always expect HTTP Unauthorized response. In that case you have to present facebook page to the user where he can put his username password again.

0

精彩评论

暂无评论...
验证码 换一张
取 消