User model design when using OAuth

Developer https://www.devze.com 2023-01-26 23:35 Source: Internet

I'm currently building a web app (my first), and wanted to include OAuth capability so that users can log in via twitter and facebook. I'm building it in Sinatra, and have looked at the OmniAuth gem, which seems to be just right for the job. The issue I'm having is redesigning the User model.

Currently I have the usual first name, last name, username, email and password, with the username being unique so that I can use it for the ID, and like twitter, I can type in www.myapp.com/username to find the info on that user. I decided that for the initial version I'm just going to use twitter as the login, then later facebook, and lastly the usual sign up. My problem is that it's more than likely that people will have the same usernames in facebook as they do in twitter. So, for example, if I sign in using twitter, and take the 'newuser' ID, it will be an issue when someone with the same username from facebook tries to join.

The OmniAuth gem works by providing a hash of the user info. I'm going to use Mongo, so I can include a twitter and facebook field in the user model and keep the hashes in there. I'm just a bit stumped as to how to go about creating unique IDs when it's more than likely that both services are going to have people with the same username, or that once the regular login is implemented, someone could sign up and take a username that is already in use on twitter or facebook, preventing those people from signing up with their twitter/facebook accounts.

I'd be really interested to hear how others have approached this.


I'm using a table only for auth keys, meaning :user_id, :provider, :key columns, and a separate User table with :email, :nickname, ...

If the user logs in with his Twitter account, logs out, and logs in with a Google account, for instance, then you will have two different accounts, and there's no solution to associate either with an existing account. I suggest you allow the logged-in user to link his currently used user account to another auth provider (you should separate the user from authentication, and after the first login he should be able to link more auth keys to his user account). He logs in to his primary user account (using Twitter, for example) and links his user account to his Google account by clicking the Google icon on the auth page.
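
The separation described in the answer above, as an added example that is not part of the original post: identities are keyed on the provider plus the provider's stable `uid` from the OmniAuth auth hash, never on the provider username, and linking is only possible from an already authenticated session. `AccountStore`, its methods and the in-memory hashes are hypothetical stand-ins for the two collections; the sample values used with it are constructed.

```ruby
# Added example. AccountStore and its method names are hypothetical, not OmniAuth API.
class AccountStore
  class IdentityTaken < StandardError; end
  User = Struct.new(:id, :handle, :email)

  def initialize
    @users = {}        # user_id => User (profile data only)
    @identities = {}   # [provider, uid] => user_id (the "auth keys" table)
  end

  # auth: OmniAuth-style hash with 'provider', 'uid' and 'info'.
  # current_user: the already logged-in User, or nil for a plain sign-in.
  def sign_in(auth, current_user = nil)
    key = [auth.fetch('provider').to_s, auth.fetch('uid').to_s]
    owner = @users[@identities[key]]

    if current_user
      # Linking happens only inside an authenticated session, and an identity
      # that already belongs to another account is never moved silently.
      raise IdentityTaken, key.join(':') if owner && owner.id != current_user.id
      @identities[key] = current_user.id
      return current_user
    end
    return owner if owner

    info = auth['info'] || {}
    user = User.new(@users.size + 1, free_handle(info['nickname']), info['email'])
    @users[user.id] = user
    @identities[key] = user.id
    user
  end

  def providers_for(user)
    @identities.select { |_, id| id == user.id }.keys.map(&:first).sort
  end

  private

  # The /username handle is local to the app; a provider nickname is only a suggestion.
  def free_handle(nickname)
    base = nickname.to_s.downcase.gsub(/[^a-z0-9_]/, '')
    base = 'user' if base.empty?
    taken = @users.values.map(&:handle)
    candidate = base
    n = 1
    candidate = "#{base}#{n += 1}" while taken.include?(candidate)
    candidate
  end
end
```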
