如何处理社交登录?- 示例流程 [英] How to handle social login? - example flow

问题描述

我有更多概念性问题，我应该如何在我的项目中处理社交登录.用例是我希望允许用户使用 Facebook 登录，并保留有关此用户的后端信息(电子邮件、名字、姓氏)

I have more conteptual question, how exactly should I handle social login in my project. The use case is that I would like to allow user to login with Facebook, and keep on my backend information about this user (email, firstname, lastname)

我有一些提案流程，但我不确定这是否是一种正确的方法.

I have some proposal Flow, but I'm not sure if it's a proper approach.

假设我有上述的应用程序架构.现在我想一步一步解释完整的成功流程.

Let's say that I have application architecture as above. Now I would like to explain step-by-step full success flow.

1. 客户端(Vue 应用程序)调用 AuthProvider (Facebook)
2. AuthProvider 返回 access_token
3. 客户端在收到 access_token 后使用 access_token 和 userID 调用后端端点，如 /fb_profile (?)
4. 后端调用 AuthProvider 以检查客户端 access_token 提供的是否有效.
5. AuthProvider 返回有关用户的信息.后台获取用户信息后，将其保存到数据库并生成新的JWT令牌
6. 后端将生成的令牌返回给用户

1. Client (Vue application) make a call to AuthProvider (Facebook)
2. AuthProvider returns access_token
3. Client after reciving access_token make a call to backend endpoint like /fb_profile with access_token and userID (?)
4. Backend make a call to AuthProvider to check if given by client access_token is valid or not.
5. AuthProvider returns information about user. Backend after getting information about user, save it to database and generate new JWT token
6. Backend returns generated token to user

现在我的问题是 - 这是好方法吗?或者我应该以其他方式处理它?喜欢在后端部分保留更多逻辑吗?与其从客户端打电话给 Facebook，也许我应该打电话给后端，然后后端打电话给 Facebook?

Now my question is - Is this good approach? Or should i handle it in other way? Like keep more logic to backend part? Instead of make a call to Facebook from Client, maybe should I make a call to backend, and backend make a call to Facebook?

推荐答案

以上将是请求流的顺序(与您的相同).

The above will be the sequence of the request flow ( same as yours ).

这将是我们用来与 Facebook 集成的标准做法.在这种情况下，我严格建议您使用 适用于 Facebook 的 JavaScript SDK.

This would be the standard practice we used to integrate with Facebook. In this case, I strictly advise you to use the JavaScript SDK for Facebook.

如果您遇到以下问题，请参考以下链接:

Refer below link in case if you run into the following issue:

Vuejs 组件等待 facebook sdk 加载

这篇关于如何处理社交登录?- 示例流程的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！