All geek questions in one place

The logic behind social input

I created a small small login script for my site that allows users to log in with Facebook or Google at the moment.

What I'm trying to do is set some checks to make sure that duplicates are not displayed in the database.

Here are some scenarios that I reviewed:

  • Log in with your Google / Facebook account and I have already registered this account. This will result in the user registering directly, as they already linked this account.
  • The user has already signed up for a Google account, but clicks Facebook because he cannot remember which account they used. This will warn the user that the email address that was returned by Facebook is already registered with the Google account. Will this allow them to click on Facebook to log in ??? NOT SURE AT THIS LOGIC AT THE MOMENT ???
  • The user clicks on Google / Facebook to log in, but the returned email address is the user who went through manual registration . This will warn the user that the social account they are trying to log in with will require a password .

What I'm going to do is to allow LINK ACCOUNT users to prevent the notification process from happening, because I can link my facebook account to my google account through my website and vice versa, etc. etc.

What I ask:

Are there any other checks that I can skip? Is this logic sonic? Is there anything I do that makes you question the login process?

Basically ask for logical advice on this.

+6
source share
1 answer

Congratulations! You're almost on the right track. Let your situation be here.

Perfect situation

1. Registered on your site 2. Log in with Google 3. Log in with Facebook

Now, take the common denominator here, I mean the primary key. I assume that in your case it should be an email address.

Actual process flow

 1. User registers. You save the email address

Or

 2. User registers with Google/Facebook and you save the email address.

Login Procedure

 1. You receive the email address either from direct login/facebook/google. 2. You match it against your table 3. On positive match, you link this social login to an existing account

If

 4. It is not a positive match then you accept whatever data you receive and then forward and then pass on to the registration page.

Hope this helps! Let me know if you want to know anything else.

Hooray!

+4
source

Source: https://habr.com/ru/post/978449/

More articles:


All Articles