社交登录背后的逻辑 [英] Logic Behind Social Login

问题描述

我为我的网站创建了一个漂亮的小登录脚本，该脚本现在允许用户使用 Facebook 或 Google 登录.

I have created a nice little login script for my website that lets users login with Facebook or Google at the moment.

我要做的是进行一些检查，以确保数据库中不出现重复项.

以下是我介绍的一些场景:

Here are some scenarios I have covered :

• 使用Google/Facebook帐户登录，并且我已经注册了该帐户，这将使用户直接登录，因为他们已经链接了该帐户.
• 用户已经已注册了Google 帐户，但单击了 Facebook ，因为他们不记得他们使用了哪个帐户.这将提醒用户从 Facebook 返回的电子邮件地址已使用 Google 帐户注册.这将使他们能够单击 Facebook进行登录 ????目前尚不确定此逻辑吗?
• 用户单击 Google/Facebook 进行登录，但是返回的电子邮件地址是经过手动注册的用户.这将提醒用户他们尝试使用登录的社交帐户需要密码.

• Login with Google/Facebook account and I have already registered this account, This will log the user straight in as they have already linked this account.
• User has already registered with Google account, yet clicks Facebook because they cannot remember which account they used. This will alert the user that the email address returned from Facebook has already been registered with a Google account. This will enable them to click on Facebook to Login ??? NOT SURE ON THIS LOGIC AT THE MOMENT ???
• User clicks on Google/Facebook to login, yet the email address returned is a user that went through the manual registration. This will alert the user that the social account they are trying to login with will require a password.

我正在考虑的是允许用户 LINK ACCOUNT ，这样就不会发生警报过程，因为我可以通过我的网站将我的facebook帐户链接到我的google帐户，反之亦然，等等.

What I am thinking of doing is allowing users to LINK ACCOUNT so that the alerting process does not happen because I can link my facebook account to my google account through my website, and vice versa etc etc.

我要问的是:

我可能还缺少其他检查吗? 这是逻辑吗?我在做什么，这会让您对登录过程产生疑问?

Are there any other checks I may be missing? Is this logic sound? Is there anything I am doing which makes you question the login process??

基本上就此问题提出逻辑建议.

推荐答案

恭喜！您几乎在正确的轨道上.让我们在这里详细了解您的情况.

Well congratulations! You're almost on the right track. Let's breakdown your situation here.

理想情况

1. Registered on your site
2. Log in with Google
3. Log in with Facebook

现在，让我们在这里使用公分母，我的意思是主键.我想您的情况应该是电子邮件地址.

Now, let's take the common denominator here, I mean the primary key. I am guessing in your case it should be the email address.

实际流程

1. User registers. You save the email address

或者，

2. User registers with Google/Facebook and you save the email address.

登录过程

1. You receive the email address either from direct login/facebook/google.
2. You match it against your table
3. On positive match, you link this social login to an existing account

如果

4. It is not a positive match then you accept whatever data you receive and then forward
   and then pass on to the registration page.

希望这会有所帮助！让我知道您是否想知道其他任何内容.

Hope this helps! Let me know if you want to know anything else.

干杯！

这篇关于社交登录背后的逻辑的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！