如何处理社交登录?- 示例流程 [英] How to handle social login? - example flow
问题描述
我有更多概念性问题,我应该如何在我的项目中处理社交登录.用例是我希望允许用户使用 Facebook 登录,并保留有关此用户的后端信息(电子邮件、名字、姓氏)
I have more conteptual question, how exactly should I handle social login in my project. The use case is that I would like to allow user to login with Facebook, and keep on my backend information about this user (email, firstname, lastname)
我有一些提案流程,但我不确定这是否是一种正确的方法.
I have some proposal Flow, but I'm not sure if it's a proper approach.
假设我有上述的应用程序架构.现在我想一步一步解释完整的成功流程.
Let's say that I have application architecture as above. Now I would like to explain step-by-step full success flow.
- 客户端(Vue 应用程序)调用 AuthProvider (Facebook)
- AuthProvider 返回
access_token
- 客户端在收到
access_token
后使用access_token
和userID
调用后端端点,如/fb_profile
(?) - 后端调用 AuthProvider 以检查客户端
access_token
提供的是否有效. - AuthProvider 返回有关用户的信息.后台获取用户信息后,将其保存到数据库并生成新的JWT令牌
- 后端将生成的令牌返回给用户
- Client (Vue application) make a call to AuthProvider (Facebook)
- AuthProvider returns
access_token
- Client after reciving
access_token
make a call to backend endpoint like/fb_profile
withaccess_token
anduserID
(?) - Backend make a call to AuthProvider to check if given by client
access_token
is valid or not. - AuthProvider returns information about user. Backend after getting information about user, save it to database and generate new JWT token
- Backend returns generated token to user
现在我的问题是 - 这是好方法吗?或者我应该以其他方式处理它?喜欢在后端部分保留更多逻辑吗?与其从客户端打电话给 Facebook,也许我应该打电话给后端,然后后端打电话给 Facebook?
Now my question is - Is this good approach? Or should i handle it in other way? Like keep more logic to backend part? Instead of make a call to Facebook from Client, maybe should I make a call to backend, and backend make a call to Facebook?
推荐答案
以上将是请求流的顺序(与您的相同).
The above will be the sequence of the request flow ( same as yours ).
这将是我们用来与 Facebook 集成的标准做法.在这种情况下,我严格建议您使用 适用于 Facebook 的 JavaScript SDK.
This would be the standard practice we used to integrate with Facebook. In this case, I strictly advise you to use the JavaScript SDK for Facebook.
如果您遇到以下问题,请参考以下链接:
Refer below link in case if you run into the following issue:
这篇关于如何处理社交登录?- 示例流程的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!