dongxian3852 2014-09-16 21:07
浏览 61
已采纳

用Facebook Php Sdk登录返回用户

Currently I am using facebook's php ask to login to my website. When they signup, I am storing their email address fetched from facebook. When they return on website and login through facebook, the fb email is matched with the one present in database and if matched, user is logged in.

But that's not a good practice. Because if user changed email in future, he/she couldn't login and also if user changed email address to someone's, it will let him/her log in.

I have found that we can store user access token, but it is not permanent. If anyone knows how we can achieve this with better security, it would be a great help.

  • 写回答

1条回答 默认 最新

  • douping7105 2014-09-16 21:18
    关注

    You can store and use user FB UID. This UID is permanent and unique for every user.

    Also if UID is not present in your system than you can try to find this user in your DB by the email. If user with the given email is found then you can stores link "user_id_in_your_system" and UID. Next login will be processed by the given UID.

    Keep in mind that some users can deny email permission for the your site

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 截图中的mathematics程序转换成matlab
  • ¥15 动力学代码报错,维度不匹配
  • ¥15 Power query添加列问题
  • ¥50 Kubernetes&Fission&Eleasticsearch
  • ¥15 報錯:Person is not mapped,如何解決?
  • ¥15 c++头文件不能识别CDialog