开发者

multiple oauth providers and implicit user account creation

开发者 https://www.devze.com 2023-04-06 06:23 出处:网络
I\'m learning oauth 2.0 and was wondering about the following scenario say I want a website to allow login with both twitter and facebook

I'm learning oauth 2.0 and was wondering about the following scenario

  • say I want a website to allow login with both twitter and facebook

  • when a new user logs in for the first time using twitter, the server checks if a user with this twitter id exists in the database and if not, creates a new user using values returned from twitter

  • the same user logs o开发者_如何学Gout and logs in again, this time using his facebook account

Question: how can I match the returning user with the account that was created the first time and avoid creating a second user account for the same user ?

Thanks


If you request for their email address, you can detect matches and merge that way?


If you are only interested in having the user log in, then you should be looking at openID, not OAuth.

Unless you explicitly ask the user to link their various accounts together for your app, there really isn't a good way to know that JohnDoe on Twitter is JohnDoe on Facebook.

You can ask the customer to link their accounts together and give them tools to merge two accounts (one created with Twitter account and one with Facebook account) together.

0

精彩评论

暂无评论...
验证码 换一张
取 消